Your biggest security vulnerability isn’t your firewall; it’s a busy employee trying to get their job done. A single accidental click can lead to a data breach, with studies showing human error contributes to more than 8 out of 10 incidents. For Tampa businesses handling sensitive client information, this risk is too great to ignore. So, how can businesses prevent data loss from employee mistakes? The solution is a multi-layered defense that combines smart technology with practical, ongoing team training. This guide provides a clear framework to build that defense and protect your company’s critical data.
Key Takeaways
- Focus on practical, ongoing training: Move beyond one-time sessions by using regular phishing simulations and role-specific lessons. The goal is to build lasting security habits, not just check a box for compliance.
- Implement strict access controls: Use the principle of least privilege to give employees access only to the data they need. Enforce this with role-based permissions and technologies like multi-factor authentication (MFA) to create a strong technical defense.
- Make recovery your ultimate safety net: Since mistakes will happen, your ability to recover is critical. Automate your data backups and regularly test your restoration process to ensure you can bounce back quickly from any accidental data loss.
How Can Tampa Businesses Prevent Data Loss From Employee Mistakes?
The most effective way to prevent data loss from employee mistakes is by combining consistent employee training, clear data access policies, and supportive security technologies. While your team is your greatest asset, human error is a factor in over 80% of data breaches. An accidental click on a phishing email or a misconfigured cloud folder can have serious consequences for your business.
This isn’t about blaming your team; it’s about building a resilient system that protects your Tampa business from the inside out. A strong cybersecurity posture accounts for human nature and puts safeguards in place. We’ll break down the specific training programs, access controls, and technologies you need to create a powerful defense against accidental data loss.
What Are the Most Common Employee Mistakes That Cause Data Loss?
While we invest heavily in firewalls and security software, the reality is that your biggest vulnerability isn’t a piece of technology; it’s human nature. Studies show that human error is a factor in a vast majority of data loss incidents, ranging from simple accidents to falling for sophisticated scams. It’s not that your employees are malicious, they’re just busy. They’re focused on their jobs, and sometimes, that means security best practices take a backseat.
For Tampa businesses, where industries like healthcare, law, and construction handle incredibly sensitive data, these small mistakes can have massive consequences. Understanding the most common errors is the first step toward building a more resilient defense. It’s about creating a safety net that protects your team from inevitable slip-ups. Here are the five most frequent employee mistakes we see that lead to data loss.
Accidentally Deleting or Mishandling Files
It’s the digital equivalent of accidentally shredding an important document. An employee is cleaning up a shared drive, deletes what they think is an old folder, and suddenly, months of critical project files are gone. This type of accidental deletion is one of the most common causes of data loss. It can also happen when someone overwrites a crucial file or drags a folder into the wrong location, where it gets lost in a sea of other documents. While it’s an honest mistake, the impact is the same: lost work, project delays, and frantic calls to IT. This is why having a robust backup and data recovery plan is non-negotiable.
Falling for Phishing Scams
Phishing attacks are no longer just poorly worded emails from a foreign prince. Today, they are highly sophisticated, often impersonating company leaders or trusted vendors. An employee at an accounting firm might receive an email that looks like it’s from the managing partner, urgently requesting a client’s financial records. In a moment of haste, the employee attaches the file and hits send. The best way to combat this is to teach staff how to spot and report these threats. Without ongoing training, your team is left vulnerable, and one wrong click can expose your entire network, leading to a major data breach and financial loss.
Using Weak Passwords
Passwords are the keys to your digital kingdom, yet many employees use weak, repetitive, or easily guessable ones. Using “GoBucs2024!” for every login might seem easy to remember, but it’s also easy for criminals to crack. The Federal Trade Commission warns against using default credentials and recommends you require strong passwords that are long and complex. We often see employees sharing passwords for communal accounts or writing them on sticky notes attached to their monitors. This single point of failure can give an attacker access to everything from your email system to your company’s financial software, completely bypassing your other security measures.
Ignoring Software Updates
That little pop-up notification asking you to update your software is easy to ignore, but it’s one of the most important security actions you can take. These updates frequently contain critical patches that fix security holes discovered by developers. When employees delay these updates, they leave a window of opportunity open for attackers. We’ve seen businesses suffer from ransomware attacks that exploited a known vulnerability that had a patch available for months. Proactive patch management is a core part of our managed IT support, as it ensures you can always install the latest software updates without disrupting your team’s productivity.
Setting Incorrect Cloud Permissions
Cloud platforms like Microsoft 365 and Google Drive have made collaboration easier than ever, but they also introduce new risks. A common mistake is setting incorrect sharing permissions. For example, an employee might intend to share a file with one person but accidentally makes it accessible to anyone with the link. Suddenly, sensitive information like client contracts or employee PII is exposed on the public internet. Data Loss Prevention (DLP) tools can help keep an eye on and protect important data in cloud storage, but it starts with training employees on how to properly manage permissions for every file and folder they create.
What Training Programs Actually Reduce Data Loss Risk?
Effective security training is less like a one-time lecture and more like a continuous fitness program for your team’s security habits. The goal isn’t just to share information but to change behavior and build a resilient human firewall. A truly effective program moves beyond slideshows and generic advice, focusing instead on practical, hands-on exercises that prepare your employees for the real-world threats they will face. These programs are interactive, ongoing, and tailored to the specific risks your business and your employees encounter daily.
Run Phishing Simulations
The single most effective way to train employees to spot malicious emails is to let them practice. Phishing simulations involve sending controlled, fake phishing emails to your staff to see how they react. The goal isn’t to catch people out, but to provide a safe space to make a mistake and learn from it. When an employee clicks a link, the simulation platform can immediately provide a short, educational lesson on the red flags they missed. The Federal Trade Commission emphasizes that you should teach employees to spot fake emails and encourage them to report anything suspicious. This hands-on approach builds muscle memory, making your team far more likely to pause and think before clicking a real malicious link.
Compare Role-Specific vs. Company-Wide Training
While every employee needs a foundational understanding of security, a one-size-fits-all approach isn’t the most effective strategy. It’s best to use a combination of company-wide and role-specific training. Company-wide training should cover the essentials for everyone: creating strong passwords, understanding the company’s data policies, and recognizing common scams. Role-specific training, however, addresses the unique risks faced by different departments. For example, your finance team needs targeted training on avoiding wire transfer fraud and invoice scams, while your HR department needs to be aware of schemes that use fake résumés to deliver malware. This tailored approach makes the training more relevant and engaging for each employee.
Practice Your Incident Response Plan
Having a data breach incident response plan on paper is a great first step, but it’s useless if no one knows how to execute it under pressure. You need to practice the plan regularly. This can be done through “tabletop exercises,” where you gather key team members and walk through a simulated breach scenario, like a ransomware attack. What’s the first call you make? How do you isolate affected systems? Who communicates with customers? Practicing your disaster recovery plan helps everyone understand their roles, identify gaps in the strategy, and build the confidence to act decisively during a real crisis, which can significantly reduce the damage.
How Frequently Should You Conduct Training?
Security training is not a one-and-done event during employee onboarding. The threat landscape changes constantly, so your training program must be a continuous process. We recommend a layered approach to frequency. Conduct comprehensive security awareness training for all employees at least once a year. Supplement this with quarterly phishing simulations to keep skills sharp. Additionally, provide “just-in-time” training briefs whenever a new, significant threat emerges that could impact your business. A consistent schedule of reinforcement keeps security top-of-mind and helps build a lasting culture of vigilance. Partnering with a managed IT support provider can help you create and maintain an effective, ongoing training schedule.
How to Create Data Access Policies That Stick
Even the best security technology can’t protect you if your team has the wrong access to the wrong data. Creating clear data access policies is about setting firm, understandable rules for who can see and use company information. Think of it as building a digital framework that protects your most valuable assets from the inside out. A strong policy isn’t just a document that sits in a folder; it’s a living part of your cybersecurity strategy that you actively manage. Without these controls, you risk everything from accidental data deletion to a malicious breach caused by a disgruntled former employee. The goal is to find the right balance: giving your team the tools they need to be productive while ensuring sensitive information stays protected. Policies that “stick” are the ones that are simple to understand, consistently enforced, and regularly reviewed. They become part of your company culture rather than a hurdle to work around. This section breaks down the four essential components of building data access policies that actually work in the real world, helping you secure your Tampa business from the inside out.
Implement the Principle of Least Privilege
The most effective data access strategy starts with a simple rule: the principle of least privilege. This means you should give employees access only to the specific data and systems they absolutely need to perform their jobs, and nothing more. For example, your marketing coordinator needs access to social media and design tools, but they don’t need to see your company’s financial records. Similarly, a project manager might need to view project files but not have the permission to delete them. This approach dramatically shrinks your risk. If an employee’s account is ever compromised, the attacker’s access is confined to a small area instead of your entire network.
Use Role-Based Access Controls (RBAC)
Role-Based Access Control (RBAC) is how you put the principle of least privilege into action without creating an administrative nightmare. Instead of assigning permissions to each employee one by one, you create roles based on job functions, like “Accountant,” “Sales Rep,” or “HR Manager.” You then assign a specific set of permissions to each role. When a new person joins the accounting team, you simply assign them the “Accountant” role, and they automatically get the right access. This method is built into platforms like Microsoft 365 and makes managing permissions scalable and consistent. It ensures employees only have access to data relevant to their job, which is a core part of data loss prevention.
Conduct Regular Access Audits
Data access policies aren’t a “set it and forget it” task. Over time, employees change roles, take on new projects, and accumulate access rights, a problem known as “privilege creep.” That’s why regular access audits are essential. At least twice a year, you should review who has access to what. The goal is to verify that every employee’s current access level still aligns with their job responsibilities. These audits help you spot and remove unnecessary permissions before they can become a security risk. As part of our managed IT support, we often conduct these reviews for clients to ensure their access policies remain effective and secure over time.
Define Your Offboarding Process
One of the biggest security gaps in any company is its offboarding process. When an employee leaves, their access to company data must be terminated immediately and completely. A well-defined offboarding checklist is crucial. This process should include disabling their email and network accounts, revoking access to all cloud applications, recovering all company-owned devices, and changing any shared passwords they knew. A clear plan ensures that a departing employee, whether they leave on good or bad terms, can no longer access sensitive company information. Automating this process with an IT partner guarantees no step is missed, securing your data from the moment an employee walks out the door.
What Technologies Help Prevent Data Loss From Human Error?
While training and policies are essential, technology provides a critical safety net to catch mistakes before they turn into disasters. Implementing the right tools can automate protection, monitor for risky behavior, and secure your data even when an employee slips up. These technologies act as your digital guardrails, keeping your business on track and your sensitive information safe. For Tampa businesses, integrating these solutions is a key part of a modern cybersecurity strategy that accounts for the reality of human error.
Data Loss Prevention (DLP) Software
Think of Data Loss Prevention (DLP) software as a smart security guard for your company’s information. It’s designed to identify, monitor, and protect sensitive data from being shared or moved where it shouldn’t be. For example, if an employee accidentally tries to email a client list to their personal account or save it to an unauthorized cloud drive, a DLP tool can automatically block the action and alert an administrator. This technology helps enforce your data handling policies by actively preventing leaks, whether they happen on company computers, in cloud storage, or on mobile devices.
Multi-Factor Authentication (MFA)
Multi-factor authentication is one of the simplest yet most powerful tools for preventing unauthorized access. Even if an employee falls for a phishing scam and gives away their password, MFA acts as a second line of defense. It requires a second form of verification, like a code sent to their phone or a fingerprint scan, before granting access to an account. This makes it significantly harder for a cybercriminal to use stolen credentials to access your systems and data. Implementing MFA across all your critical applications is a non-negotiable step in securing your business from common employee mistakes.
User Behavior Analytics (UBA)
User Behavior Analytics tools use artificial intelligence and machine learning to learn what normal activity looks like for each user in your network. When someone deviates from their typical pattern, the system flags it as a potential threat. For instance, if an accountant who normally works from 9 a.m. to 5 p.m. suddenly starts trying to download large financial reports at 2 a.m., a UBA system would recognize this as unusual and trigger an alert. This allows you to spot potential data breaches, whether from a compromised account or an internal mistake, before major damage occurs.
Data Encryption Tools
Encryption is your data’s best defense if it falls into the wrong hands. It works by scrambling your information into an unreadable code that can only be deciphered with a specific key. You should encrypt sensitive data both when it’s stored on a server or hard drive (at rest) and when it’s being sent over email or the internet (in transit). This way, even if an employee accidentally sends a sensitive file to the wrong recipient or loses a company laptop, the data itself remains secure and inaccessible. It’s a fundamental layer of protection against accidental data exposure.
Microsoft 365’s Built-In Security Features
If your business uses Microsoft 365, you already have access to a powerful suite of security tools designed to prevent data loss. Features within Microsoft 365 allow you to configure DLP policies, enforce MFA, and classify sensitive information automatically. For example, you can create rules that prevent emails containing credit card numbers or social security numbers from being sent outside your organization. Regularly reviewing these security settings and ensuring software updates are installed promptly helps close vulnerabilities that could otherwise lead to data loss from simple human error.
Why Automated Backups Are Your Best Defense
Even with the best training and access policies, mistakes will happen. An employee might click a malicious link, misconfigure a cloud setting, or accidentally delete a critical project folder. That’s why your final line of defense against data loss isn’t just prevention; it’s recovery. Automated backups are your safety net, ensuring that when human error inevitably occurs, its impact is minimal. A solid backup strategy is a core component of any modern disaster recovery plan, protecting you not just from employee mistakes but also from hardware failure, software corruption, and cyberattacks. It’s about making sure you can get back to business quickly, no matter what happens. By automating this process, you remove the risk of someone forgetting to run a backup, creating a reliable and consistent copy of your critical information.
How Automated Backups Reduce the Impact of Human Error
Think of automated backups as your business’s “undo” button. When an employee accidentally deletes a client directory, the situation becomes a minor inconvenience, not a full-blown crisis. Instead of scrambling to recreate lost work or contact clients for missing information, you can simply restore the files from the most recent backup. Automation is the key here. Relying on employees to perform manual backups is risky; people get busy, forget, or go on vacation. An automated system ensures your data is copied consistently without anyone having to think about it. These backups should always be encrypted and stored securely, often in a separate cloud environment, to protect them from the very threats you’re guarding against.
Define Your Recovery Time (RTO) and Recovery Point (RPO)
To build an effective backup strategy, you need to answer two critical questions. First, how quickly must your business be operational again after an incident? This is your Recovery Time Objective (RTO). For a healthcare clinic using an EMR system, the RTO might be under 30 minutes. For a construction firm’s back-office accounting files, it might be four hours. Second, how much data can you afford to lose? This is your Recovery Point Objective (RPO), and it dictates your backup frequency. If you can’t lose more than 15 minutes of work, you need backups running every 15 minutes. Defining your RTO and RPO helps tailor a cybersecurity and recovery strategy that matches your operational needs and budget.
What a Reliable Disaster Recovery Plan Looks Like
Backups are a tool, but a disaster recovery (DR) plan is the instruction manual for how to use them when things go wrong. A reliable DR plan is a documented, step-by-step guide that outlines exactly what to do in a data loss event. It clearly defines roles, so everyone knows who is responsible for declaring an incident, communicating with staff, and initiating the recovery process. Most importantly, a good plan is a tested plan. You should regularly run drills to simulate a disaster, whether it’s a server failure or a ransomware attack. This practice run helps identify gaps in your process and ensures your team can execute the plan efficiently under pressure. A partner providing managed IT support can help you build and test a DR plan that guarantees you’re prepared for a real event.
How Do You Build a Culture of Data Security?
Technology and policies are crucial, but they only go so far. Your strongest defense against data loss is a security-conscious team. Building a culture of data security means shifting the mindset from “that’s IT’s job” to “security is everyone’s responsibility.” It’s about creating an environment where employees are aware of the risks, know how to respond, and feel empowered to protect company data. When your team becomes a human firewall, you drastically reduce the chances of a simple mistake turning into a major data breach. This cultural shift doesn’t happen overnight; it requires consistent effort, clear communication, and leadership buy-in. It’s the difference between employees clicking a suspicious link without a second thought and them pausing to report it. A strong security culture transforms your entire staff into an active layer of defense, making your business more resilient against ever-evolving threats. It’s a proactive strategy that pays dividends by preventing incidents before they can cause financial or reputational damage. Ultimately, it’s about embedding security into your company’s DNA, so safe practices become second nature for everyone, from the front desk to the corner office.
Set the Standard from the Top Down
A strong security culture starts in the C-suite, not the server room. If leadership treats security as an afterthought, so will your employees. Executives and managers must actively participate in training and openly champion security policies. For example, when a CEO talks about the importance of spotting phishing emails in a company-wide meeting, it sends a powerful message. This isn’t about just telling people what to do; it’s about showing them it matters to the entire organization. We help our clients by providing leadership with the tools and knowledge they need to lead by example, making cybersecurity a core business value. When your team sees that security is a priority for leadership, they are far more likely to make it their priority, too.
Make Reporting Security Issues Easy
Your employees are on the front lines and are often the first to spot something suspicious. But will they report it? Many people hesitate, fearing they’ll get in trouble or look foolish for a false alarm. That’s why you need a simple, blame-free reporting process. Create a dedicated email address or a direct line to your IT support for reporting potential threats. For our clients, our helpdesk support team serves as this friendly, accessible point of contact. Train your staff to report anything that seems off, from a weird email to a strange pop-up, and thank them when they do. Fostering an environment where employees feel safe raising their hand is one of the most effective ways to stop an attack in its tracks.
Reinforce and Reward Secure Habits
Annual training is a good start, but security knowledge fades. To make secure habits stick, you need continuous reinforcement. Think of it less like a single lecture and more like an ongoing conversation. Send out monthly security tips, run quarterly phishing simulations, and share real-world examples of recent threats. More importantly, use positive reinforcement. Acknowledge employees who spot a real phishing attempt or consistently use strong security practices. Some companies even create a “Security Champion of the Month” award. As part of our Managed IT Support, we handle these ongoing campaigns for Tampa businesses, ensuring the message stays fresh and engaging. This consistent effort keeps security top of mind and turns good practices into natural habits.
Keep Your Policies Up-to-Date
The threat landscape is constantly changing, and your security policies need to keep pace. A policy written two years ago might not account for new types of malware or the cloud applications your team uses today. Schedule regular policy reviews at least once a year, or whenever you introduce a new technology or business process. This review should cover everything from data handling procedures to your incident response plan. As part of our IT consulting services, we work with businesses to audit and update their policies, ensuring they align with current best practices and compliance standards like HIPAA or CMMC. An outdated policy is almost as risky as having no policy at all, so proactive updates are essential for long-term protection.
A Data Loss Prevention Checklist for Your Business
Think of data loss prevention as a series of proactive habits, not a one-time fix. Creating a simple, repeatable checklist helps you stay on top of potential risks before they turn into costly disasters. By regularly reviewing your controls, training, and technology, you can build a resilient defense against common employee mistakes. This checklist breaks down the five key areas your Tampa business should focus on to keep your sensitive information secure.
Audit Access Controls
Your first step is to control who can see and interact with your data. The goal is to give employees access only to the information they absolutely need to do their jobs, a concept known as the principle of least privilege. Start by reviewing all user accounts and their permission levels across your network, applications, and cloud services. Are there former employees who still have active accounts? Does your marketing team have access to sensitive financial records? Tightening these controls is a foundational cybersecurity measure. Enforce strong password policies and implement multi-factor authentication (MFA) wherever possible to add a critical layer of security.
Review Your Training Schedule
Even the best technology can’t stop a well-meaning employee from clicking a malicious link. That’s why ongoing security training is non-negotiable. You should teach your staff how to spot phishing emails, handle sensitive data correctly, and understand the importance of their role in protecting the company. Don’t just run a single session during onboarding. Instead, schedule quarterly refreshers or run phishing simulations to test their awareness. A consistent training schedule keeps security top of mind and turns your team from a potential liability into your first line of defense.
Verify Backups and Recovery Processes
When a file is accidentally deleted or encrypted by ransomware, your backups are your only safety net. But a backup is useless if it doesn’t work. You need to regularly verify that your data is not only being backed up but that it can be restored successfully. We recommend a 3-2-1 backup strategy: three copies of your data on two different media types, with one copy off-site. Test your data recovery services at least quarterly by attempting to restore a non-critical file or folder. This ensures that when a real emergency happens, you can recover your operations quickly and avoid significant downtime.
Review Your Security Tech Stack
Your security technology stack includes all the tools you use to protect your network, from antivirus software and firewalls to more advanced solutions. Modern data loss prevention (DLP) tools can automatically identify, monitor, and protect sensitive information in emails, cloud storage, and on local devices. For example, a DLP policy can block an employee from accidentally emailing a spreadsheet with customer credit card numbers to an external address. As a Microsoft Partner, we often help businesses leverage the built-in security features within Microsoft 365 to prevent these exact scenarios. Regularly review your tech stack to ensure it aligns with your current business needs and protects against emerging threats.
Test Your Incident Response Plan
No matter how well you prepare, you still need a plan for what to do if a data breach occurs. An incident response plan is a step-by-step guide that outlines exactly how your team will react to a security event. This plan should define everyone’s roles, from who to contact first to how you will communicate with customers. But a plan sitting in a binder does no good. You must prepare for the worst by running tabletop exercises where you walk through a simulated breach. This practice helps identify gaps in your strategy and ensures your team can act decisively under pressure to minimize damage.
How Managed IT Support Strengthens Your Data Loss Prevention Strategy
Putting all these data loss prevention measures in place can feel like a full-time job on its own. This is where a managed IT support partner becomes a critical asset for your Tampa business. Instead of just reacting to problems, a provider like IGTech365 acts as your dedicated IT department, proactively building and maintaining your defenses against human error. Our Managed IT Support brings the expertise and tools that are often out of reach for small and mid-sized companies.
A key part of our role is implementing and managing the right technology. We deploy advanced DLP tools that automatically monitor how sensitive information is used and shared across your network. This is a core component of our cybersecurity services. We also establish strict access controls and encryption protocols, often using the powerful security features built into platforms like Microsoft 365. This ensures that employees can only access the data they absolutely need to perform their jobs, drastically reducing the risk of accidental exposure.
Beyond technology, we focus on the human element. We help you develop and practice a clear incident response plan, so your team knows exactly what to do if a data breach occurs. We can also facilitate ongoing employee training and phishing simulations to build a stronger human firewall. Through regular security audits, we check your systems for vulnerabilities and provide clear, actionable reports, giving you a constant, expert eye on your company’s security posture. This comprehensive approach turns your data loss prevention strategy from a checklist into a living, breathing part of your business operations.
Related Articles
- Cybersecurity Tip for Business in Tampa Bay | IGTech365
- Protect Your Business with Tampa’s #1 Best Cybersecurity Tips | IGTech365
- Cybersecurity Services Tampa – Protect Your Business with 24/7 Monitoring, Threat Detection & Data Security | Top Cybersecurity Company in Tampa Bay | IGTech365
Frequently Asked Questions
This sounds like a lot of work. Where is the best place for a small business to start? It can definitely feel overwhelming, but you don’t have to do everything at once. The best place to start is with the action that gives you the most protection for the least effort: implementing multi-factor authentication (MFA) on all your accounts. This single step makes it significantly harder for a stolen password to cause a breach. After that, focus on creating a simple offboarding checklist to ensure departing employees lose access to everything immediately. These two actions alone will dramatically improve your security.
My employees are smart and trustworthy. Do we really need to worry about them making these mistakes? This is a great question, and it’s not about a lack of trust or intelligence. The reality is that modern cyber threats are designed to trick even the most careful people. Scammers create incredibly convincing emails that can fool anyone who is busy or distracted. Think of these security measures less as a way to police your team and more as a supportive safety net. You’re creating a system that protects good employees from honest mistakes and sophisticated scams.
Can’t I just install good security software to solve this problem? Security software is absolutely essential, but it’s only one piece of the puzzle. Technology like a firewall or antivirus is your first line of defense, but it can’t stop an employee from accidentally emailing a sensitive file to the wrong person or being tricked into giving away their credentials. A strong defense combines technology with clear policies and ongoing employee training. The software is the seatbelt, but the training is what teaches your team how to drive safely.
What is the single most effective action we can take to reduce our risk from human error? If you can only do one thing, it should be running regular phishing simulations. These controlled, fake phishing campaigns are the best way to train your team to spot and report real threats. It provides a safe environment for them to make a mistake, learn from it instantly, and build the muscle memory to pause before clicking. This hands-on practice is far more effective than just telling them what to look out for in a presentation.
How often should we be reviewing our security policies and access controls? Security isn’t a “set it and forget it” project; it requires consistent attention. We recommend conducting a full review of your data access controls at least twice a year to make sure employees only have the permissions they truly need. Your broader security policies, like your incident response plan, should be reviewed and updated annually or anytime you introduce a new major technology or business process. This regular maintenance ensures your defenses keep up with both your business and the changing threat landscape.