Data security risks are a constant hassle. Businesses are in a never-ending fight to insure that they protect themselves from data risks, but sometimes it feels like a losing battle.  Media sensation points fingers at hackers and reinforces the “dangerous outsider with malicious intent” narrative of data theft, but this narrative ignores the largest data risk for businesses — their employees.

Employee behavior and their (lack of) vigilance lead to an overwhelming number of security problems. From stolen laptops, BYOD woes, social media use, and lost gadgets, employee gaffes are a major source of data vulnerabilities.

Our infographic runs down the main forms of security risks employees entail:

Employee Data Breaches Infographic (1)

Maybe the most depressing take-away is that having an airtight security policy is not as effective at preventing these employee gaffes as we all wish it could be. For the amount of work businesses put into drawing up these policies, it is frustrating — though unsurprising — that most employees are often not aware of key components of their company’s security protocols.

What can be done if not through policy? Forcing employees to internalize these policies is out of the question — it’s not likely to be productive or effective. Instead, companies can familiarize themselves with the kinds of risks employee behavior can entail and respond accordingly.

There are ways to either pre-empt or troubleshoot security risks even when something like employees losing laptops occur. Devices can be encrypted, data can be wiped remotely, and BYOD can be managed. Knowing the risks is the first step in managing them.

It’s time to stop focusing entirely on the occasional bogeyman out to hack your data, and start thinking about how to manage those consistent,  real — and complicated — humans that make up your workforce.

Cam Roberson is the Director of Reseller Channel for Beachhead Solutions.