All human resources teams face a quandary when it comes to manufacturing infrastructure and resources, and the risk of data breaches. With manufacturing the No. 1 industry at risk from a data breach, doing nothing or leaving the issue to other departments is not an option. 

HR is responsible for the people aspect, and even long-established business leaders and process experts might not be security literate. Meanwhile, new hires, increasingly in the cloud age, believe all systems are protected. And, even in the age of high automation, management wants a regular supply of people on production lines to move and monitor processes or components, all with varying skill sets and weak points. 

Those managers then complain loudly to HR when alerts trigger over possible data or physical compromise or theft, the use of unauthorized devices, even old-school misdemeanors like surreptitious smoking breaks and other risks.

Despite careful vetting, and clear rules and regulations provided by HR. Regardless of that induction meeting and facility tour by a manager hammering home those points, the minute workers are unleashed on manufacturing offices, the production floor, warehouses or other areas, they can bring with them bad habits or pick up some new ones from other workers. 

The risk of a data breach is huge for manufacturing

The gravest threat to a business is a data breach. These can be triggered by a worker opening a malicious email, web page, pop-up or work file. Similarly, someone can bring an infected laptop, smartphone or tablet and connect it to the company network. Even highly IT-aware businesses are hacked on a daily basis, so firms should never assume they are well protected. 

Criminals and hackers launch millions of automated attacks daily, these broad assaults use new or well-known exploits to find weak points in networks. Or, if your business is a high value target, criminals can bribe or trick insiders to trigger a virus. The hackers can then sell proprietary business data, customer or banking information and other files to third parties, threaten to expose them to the public, or cripple the business in a ransomware attack.

Protecting the business against breaches

HR can support the business by ensuring a joined-up approach between IT, physical security, hiring and other teams to defend the business and its data. 

While it is up to your IT department to ensure networks and endpoints are protected, HR can highlight areas where new hires are using IT equipment, and ensure it is locked down to allow access for only essential applications and data. 

Similarly, while the physical security team will likely have a battery of cameras in critical locations around the manufacturing floor and business, HR can ask for new smart cameras as part of a manufacturing surveillance security system to track the activities of workers that HR or colleagues are suspicious of. 

Where HR comes into its own is security education. This can be through the use of training programs, thorough onboarding exercises, promoting ongoing testing, and ensuring clear reporting channels about any suspicious digital activity.

 Enhanced background checks as a business grows and becomes more digitally-focused will also help identify any workers who may be unaware of the risks or willfully ignorant. They can also codify acceptable behavior, especially in growing businesses that have previously relied on goodwill and lacked specific data use guidelines. 

Finally, HR can push the latest data legislation advice to the leadership. Highlighting guidelines, best practices and showcasing examples of companies that failed to follow that advice, and the fines or massive cost of a data clear-up (like the $76 million paid by Clorox in 2023 to resolve a major breach). These are all ways to ensure the business takes the risk of breaches seriously. This is vital in businesses that lack a strong legal department or rely on the light touch of outside counsel. 

Wrap up

The risk of a breach will only ever grow, especially in a world where hackers can impersonate the voice and video of a business leader with an urgent demand for a data file or access. Or, they can send clever emails that look like they come from the HR team with an urgent pay issue. 

HR needs to be aware of the risks, both at the technical and personal level. Managers need to be on top of the people that are likely to trigger a breach, and ensure that IT are strictly limited access, using recent developments like zero trust and ensure the business has the plans in place to cope with any breach. 

Guest writer.