Coke’s Internal Data Breach – Lessons Learned

Coke’s Internal Data Breach – Lessons Learned

Coke’s Internal Data Breach

Last Friday, Coke announced that sensitive information belonging to roughly 70,000 current and former North American employees was compromised because the data hadn’t been encrypted on company laptops (despite their company encryption policy.)1 The data breach occurred after a former worker stole several company laptops that locally stored employee information, such as social security and driver’s license numbers.

We’ve heard a lot about security breaches lately (Target and Neiman Marcus come to mind), but cases like Coke’s – a major breach of workers’ personal information – happen more than we realize. How can large and small companies alike learn from Coke’s recent internal breach? And what steps can we take to avoid ever experiencing an internal security breach ourselves?

The answer lies in the cloud. Simply put, cloud-stored data offers a highly secure alternative to locally-stored data. When sensitive information is no longer stored on devices that are regularly available to employees and the occasional passersby, the chances of that data being compromised drastically decreases. Cloud-stored data, generally speaking, can be accessed via remote devices over encrypted connections and do not require downloading to a local device. Local devices can enable data encryption, of course, and that certainly lowers theft and data breach risks, but by avoiding housing data locally altogether, consistent and thorough security can truly be maintained.

Another example of the perils of locally-stored data comes to mind right about now. One of the largest settlements for violating the Health Insurance Portability and Accountability Act (HIPAA) occurred when an Alaska Department of Health and Social Services employee left a portable hard drive containing the personal health information of thousands of patients in their car. It wasn’t long before the employee realized that the hard drive had been stolen. This security breach cost DHSS $1.7 million, and could have been entirely avoided if DHSS had stored its sensitive data off-premise and in the cloud.

Internal Security Measures

It may feel counterintuitive to move sensitive data farther away from you, in an effort to increase your internal security measures. But the fact is cloud hosting providers have extensive experience developing powerful safeguards and monitoring systems such as firewalls, intrusion protection systems, file integrity monitoring systems, encryption algorithms and virtual private networks. Given their decades of experience in managing large datacenters, cloud providers are well accustomed to properly disposing hard drives and backup devices. (In fact, secure data deconstruction has long been a crucial and appealing feature of cloud service providers.) Vulnerability scans serve as another crucial security asset offered by cloud providers, and allow organizations to detect disabled firewalls or any other potential security holes.

From vulnerability scans, to proper data destruction, to a central and secure ‘home’ for sensitive, internal data, cloud providers truly offer the utmost in security and can serve as trusted advisors for mitigating internal data breaches. Rather than joining the growing list of organizations, like Coke, who’ve had to overcome internal security breaches, lets all look to the cloud to maintain consistent and thorough security, both inside and out.

By Scott Walters, Director of Security at INetU

ScottWalters

Scott is the Director of Security for hybrid-cloud hosting provider INetU and has been instrumental in shaping the Company’s client services department, which provides customer onboarding and lifecycle support. Under his tenure as director of client services, Walters expanded the department to meet customer needs as the company introduced new cloud products, enhanced service levels for enterprise customers and most recently released the robust INetU Security Suite.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

One Response to Coke’s Internal Data Breach – Lessons Learned

  1. Compelling reasons to host data on cloud – however if employees of a company are the reason for majority data breach – what measures are in place for hosting services employees not to do the same?

Comic
Fintech Exploiting AI and Blockchain Technology

Fintech Exploiting AI and Blockchain Technology

AI and Blockchain Technology The field of artificial intelligence (AI) had progressed rapidly in the last ten years, though first recognized in the 1950s. From autonomous motor vehicles to digital personal assistants, the technology is making its way into a variety of industries, enabling better task automation, language processing, and data analytics. But more recently,…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

What’s On The Horizon For Cloud Computing

What’s On The Horizon For Cloud Computing

Cloud Computing Trends Now that we are a little more than halfway through 2016, many experts are beginning to make their predictions about cloud computing for the rest of the year and beyond. While many of the trends aren’t too unexpected (the ever increasing acceptance of cloud solutions by businesses, for instance) other trends are…

Tesla Solar Plan Would Cost Billions To Implement

Tesla Solar Plan Would Cost Billions To Implement

A 1,500-word manifesto that Elon Musk unveiled last week, outlining his plan to expand Tesla Motors Inc.’s electric-vehicle line and to build “stunning solar roofs,” may end up costing the company tens of billions of dollars to carry out. Musk, Tesla’s chairman and chief executive officer, gave the estimate on Tuesday after a tour of the…

Healthcare IoT Security To Grow To $47 Billion In 2021

Healthcare IoT Security To Grow To $47 Billion In 2021

Healthcare IoT Security It’s obvious that IoT can make the entire healthcare industry more efficient. The kind of data involved can be used to save time, physical energy and operating costs. Because of this, devices that facilitate medical data are becoming more commonplace in the industry. This includes things such as wearables that can track…

Get Ready For Virtual Reality and the Cloud

Get Ready For Virtual Reality and the Cloud

Virtual Reality Cloud We’re lucky to live in an era where virtual reality is no longer relegated to the confines of a sci-fi movie universe. Thanks to technology introduced by products like Oculus Rift, consumers now have access to virtual environments with fully immersive graphic capabilities. As a result, companies have only just begun to…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

5 Ways To Ensure Your Cloud Solution Is Always Operational

5 Ways To Ensure Your Cloud Solution Is Always Operational

Ensure Your Cloud Is Always Operational We have become so accustomed to being online that we take for granted the technological advances that enable us to have instant access to everything and anything on the internet, wherever we are. In fact, it would likely be a little disconcerting if we really mapped out all that…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

Cloud Computing Then & Now

Cloud Computing Then & Now

The Evolving Cloud  From as early as the onset of modern computing, the possibility of resource distribution has been explored. Today’s cloud computing environment goes well beyond what most could even have imagined at the birth of modern computing and innovation in the field isn’t slowing. A Brief History Matillion’s interactive timeline of cloud begins…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

The Monstrous IoT Connected Cloud Market

The Monstrous IoT Connected Cloud Market

What’s Missing in the IoT? While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies continue to battle to decide who will be the epicenter of the smart home of the future, creating separate ecosystems (like the iOS and Android smartphone market) in their wake.…

Cloud Infographic – Guide To Small Business Cloud Computing

Cloud Infographic – Guide To Small Business Cloud Computing

Small Business Cloud Computing Trepidation is inherently attached to anything that involves change and especially if it involves new technologies. SMBs are incredibly vulnerable to this fear and rightfully so. The wrong security breach can incapacitate a small startup for good whereas larger enterprises can reboot their operations due to the financial stability of shareholders. Gordon Tan contributed an…

Containerization: The Bold Face Of The Cloud In 2016

Containerization: The Bold Face Of The Cloud In 2016

Containerization And The Cloud “Right now, the biggest technology shift in the cloud is a rapid evolution from simple virtual machine (VM) hosting toward containerization’’ says the CTO of Microsoft Azure, Mark Russinovitch, a man who deals with the evolving cloud infrastructure every day. In his words, containerization is “an incredibly efficient, portable, and lightweight…

Do Small Businesses Need Cloud Storage Service?

Do Small Businesses Need Cloud Storage Service?

Cloud Storage Services Not using cloud storage for your business yet? Cloud storage provides small businesses like yours with several advantages. Start using one now and look forward to the following benefits: Easy back-up of files According to Practicalecommerce, it provides small businesses with a way to back up their documents and files. No need…