Coke’s Internal Data Breach – Lessons Learned

Coke’s Internal Data Breach – Lessons Learned

Last Friday, Coke announced that sensitive information belonging to roughly 70,000 current and former North American employees was compromised because the data hadn’t been encrypted on company laptops (despite their company encryption policy.)1 The data breach occurred after a former worker stole several company laptops that locally stored employee information, such as social security and driver’s license numbers.

We’ve heard a lot about security breaches lately (Target and Neiman Marcus come to mind), but cases like Coke’s – a major breach of workers’ personal information – happen more than we realize. How can large and small companies alike learn from Coke’s recent internal breach? And what steps can we take to avoid ever experiencing an internal security breach ourselves?

The answer lies in the cloud. Simply put, cloud-stored data offers a highly secure alternative to locally-stored data. When sensitive information is no longer stored on devices that are regularly available to employees and the occasional passersby, the chances of that data being compromised drastically decreases. Cloud-stored data, generally speaking, can be accessed via remote devices over encrypted connections and do not require downloading to a local device. Local devices can enable data encryption, of course, and that certainly lowers theft and data breach risks, but by avoiding housing data locally altogether, consistent and thorough security can truly be maintained.

Another example of the perils of locally-stored data comes to mind right about now. One of the largest settlements for violating the Health Insurance Portability and Accountability Act (HIPAA) occurred when an Alaska Department of Health and Social Services employee left a portable hard drive containing the personal health information of thousands of patients in their car. It wasn’t long before the employee realized that the hard drive had been stolen. This security breach cost DHSS $1.7 million, and could have been entirely avoided if DHSS had stored its sensitive data off-premise and in the cloud.

It may feel counterintuitive to move sensitive data farther away from you, in an effort to increase your internal security measures. But the fact is cloud hosting providers have extensive experience developing powerful safeguards and monitoring systems such as firewalls, intrusion protection systems, file integrity monitoring systems, encryption algorithms and virtual private networks. Given their decades of experience in managing large datacenters, cloud providers are well accustomed to properly disposing hard drives and backup devices. (In fact, secure data deconstruction has long been a crucial and appealing feature of cloud service providers.) Vulnerability scans serve as another crucial security asset offered by cloud providers, and allow organizations to detect disabled firewalls or any other potential security holes.

From vulnerability scans, to proper data destruction, to a central and secure ‘home’ for sensitive, internal data, cloud providers truly offer the utmost in security and can serve as trusted advisors for mitigating internal data breaches. Rather than joining the growing list of organizations, like Coke, who’ve had to overcome internal security breaches, lets all look to the cloud to maintain consistent and thorough security, both inside and out.

By Scott Walters, Director of Security at INetU

ScottWalters

Scott is the Director of Security for hybrid-cloud hosting provider INetU and has been instrumental in shaping the Company’s client services department, which provides customer onboarding and lifecycle support. Under his tenure as director of client services, Walters expanded the department to meet customer needs as the company introduced new cloud products, enhanced service levels for enterprise customers and most recently released the robust INetU Security Suite.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

One Response to Coke’s Internal Data Breach – Lessons Learned

  1. Compelling reasons to host data on cloud – however if employees of a company are the reason for majority data breach – what measures are in place for hosting services employees not to do the same?

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Cloud Infographic: Cloud Apps (A Buyers Guide)

Cloud Infographic: Cloud Apps (A Buyers Guide)

Cloud Apps (A Buyers Guide) SaaS has gained huge popularity over the last few years, with an increasing number of enterprises adopting it mainly due to the benefits like pay per use and on demand service. Cloud applications entail thorough testing for their integrity, different from that of on-premise applications. This involves testing of business…

Monetization of the Internet of Things – Q&A With Brendan O’Brien

Monetization of the Internet of Things – Q&A With Brendan O’Brien

Q&A With Brendan O’Brien, Co-Founder of Aria Systems (Part 1) Monetization of the internet of things (IoT) is one of the most exciting and challenging issues facing the industry today, so we spoke with Brendan O’Brien to learn more. Brendan is the Co-Founder of Aria Systems, who are one of the leading innovators in recurring…

Cloud Infographic: Most Used Cloud Apps

Cloud Infographic: Most Used Cloud Apps

Cloud app and analytics company, Netskope released its quarterly Cloud Report. The new report reveals that enterprise employees are using an average of 397 different cloud apps (most of which are unsanctioned), when IT estimated they have 40-50 — that’s a tenfold underestimation. Below is an infographic provided courtesy of the group at Netskope which goes into further detail.…

Big Data Analytics Adoption

Big Data Analytics Adoption

Big Data Analytics Adoption Big Data is an emerging phenomenon. Nowadays, many organizations have adopted information technology (IT) and information systems (IS) in business to handle huge amounts of data and gain better insights into their business. Many scholars believe that Business Intelligence (BI), solutions with Analytics capabilities, offer benefits to companies to achieve competitive…

5 Considerations You Need To Review Before Investing In Data Analytics

5 Considerations You Need To Review Before Investing In Data Analytics

Review Before Investing In Data Analytics Big data, when handled properly, can lead to big change. Companies in a wide variety of industries are partnering with data analytics companies to increase operational efficiency and make evidence-based business decisions. From Kraft Foods using business intelligence (BI) to cut customer satisfaction analysis time in half, to a…

Featured Sponsors

2015 Advertising Opportunities - Find Out More!

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Blue square_logo_100x100-01
cisco_logo_100x100 vmware citrix100

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter