Rick Insecurely Shares Confidential Payroll PII
There is no doubt that payroll records are full of personally identifiable information (PII). PII data in payroll records include employee names, addresses, Social Security numbers, tax information, medical details, and salary details. At the very least, payroll PII must be encrypted when shared or sent to prevent cybercriminals from stealing it or using it for ransom. When Rick, the Risky Rabbit, needs to send Payroll Pete payroll records for payroll processing, he searches the internet for a way to share the files and uses one that he thinks is a suitable solution.
Unfortunately, after using it to send Payroll Pete his past due payroll records, he discovers it is an unauthorized application and he violated a number of compliance standards by using it. Alternatively, should Rick have sent the data using his standard email client? No, any private data containing PII should only be sent or shared using a communications platform that uses end-to-end encryption standards. This will ensure that the PII data, if intercepted by a malicious actor, cannot be read. And to demonstrate compliance with PII-related regulations, you must be able to demonstrate you did so by quickly and easily generating governance tracking reports.