Managing the constant threat of a data breach
Whether intentional or unintentional, the loss of confidential information to an untrusted environment falls under the banner of a data breach. This can occur in many different forms either externally or internally to an organisation. The hacker who breaks into computer networks, the rogue employee stealing information for personal gain or the unintended leak through physical loss (an iPad left in the seat pocket of an aeroplane) or unintended disclosure (a file sent to the wrong email address). But whatever the means, it’s very simple, organisations that neglect or do not even adopt the most basic data security protocols run the risk of severe financial penalties and reputational damage. There are serious consequences if company data falls into the wrong hands and a profitable market has grown up around the collection and resale of stolen data. The organisations that do plan for data breaches, implement security protocols, test them and monitor for intrusion have a much stronger chance of containing any threat and the risk of it spreading.
Should data become compromised, having an effective response plan can mean all the difference to the size and severity of the compliance failure and responding to the breach from the outset will be far less stressful if appropriate procedures are set in place. Here are a few measures worth considering:
- Don’t store data that you don’t need for a specific, definable and real business process, and don’t keep data for longer than it has value unless required to do so by law or regulation. The simple adage is “they can’t steal what you don’t have”.
- Ensure data security policies are current and communicated consistently across the business.
- Carry out regular security testing – vulnerability scans, penetration tests, security reviews.
- Encrypt mobile and portable devices.
- Implement physical security measures – even to the level of limiting access to specific areas of the building to authorised staff.
- Implement subject level access to specific data or information.
- Decommission IT assets in the correct fashion ensuring your data doesn’t end up in the wrong hands.
- Use data leakage protection in the form of advanced intrusion detection and prevention systems, activity logging and log analysis. Technologies that provide real-time analysis of system events to detect or prevent data theft are also now common.
The Ponemon institute conducts independent research on data protection and security policies and reports year in year out that the costs of stolen or lost information rise every year. Negligence continues to be the common cause with malicious external attacks on an individual basis forming the most costly. At Kroll Ontrack we have seen real life examples of how organisations can control certain factors to influence the financial and reputational costs and we know that those who educate, train their employees and implement a credible response plan vastly reduce the impact a data breach can have.
Next week, James Farnell will be writing a blog post on how to survive a dawn raid. You can see a preview below.