Big-Data

Data Violations – Record Year For Data Breaches

Record Year For Data Breaches

The news is full of data security breaches. This week, Sputnik International reported that Hacking Team had a 400 GB database stolen and published, and last month Ars Technica discussed in detail the information breach at the U.S. Government’s Office of Personnel Management. MSPmentor‘s current IT security news includes the hacking of databases at Harvard, a data breach discovered at Orlando Health, and 85,000 compromised debit and credit cards during the FireKeepers Casino data breach. Non-profit identity theft organization ITRC reported 400 data breaches this year as of June 30 and believes 2015 could top the charts for data violations.

report-breaches

See The Full Report

As if you didn’t have more important things to worry about – so here’s a quick look at how to stay ahead.

The Risks

  • Access control and authentication: are you certain only the necessary people have access to relevant data at all times?
  • Terms and conditions: are the standards of your service providers equal to those your organization maintains? And how secure are your own standards?
  • Virtualization technology: what are the security guarantees? How accessible are the services offered?
  • Data privacy: strict security measures need to be in place ensuring responsible data management, and industry and regulation compliance.

Security Strategies

  • Transparency: choose service providers that adhere to industry standards, provide clear service and product details, and have open lines of communication.
  • Drills: be sure to test for possible security holes, and plan for breaches. Just as you would prepare for physical risks such as fires, put emergency tests and procedures in place to counter data threats.
  • Backup: always have a backup. Do it now.
  • Diversify: minimize your risk by spreading data over localized and cloud servers; scatter service provider usage where possible.
  • Education: train yourself and your employees on security threats and defenses. Try to be proactive and keep up with the constantly-evolving environment.
  • Data tracking: understanding data-centric security tools helps maintain sensitive data and ensures you’re the first to know should something go wrong.
  • Policies in place: governance policies are essential and should be clearly established to safeguard data privacy. Data sensitivity classification helps apply the correct security techniques to relevant data sets.
  • Encryption: never store encryption keys in the software or with your data, and be certain that strong encryption techniques are being used. Always remember that data being used is also vulnerable, so take steps to ensure secure handling.

We’ve managed to get hold of Jay Jacobs and Bob Rudis’ Data-Driven Security: Analysis, Visualization and Dashboards, and are offering a free download for Cloud Tweaks readers this week. This valuable book discusses how the correct use and understanding of data can positively impact your security levels, covering concepts, tools, and techniques that surpass best practice alone.

By Jennifer Klostermann

Jennifer Klostermann

Jennifer Klostermann is an experienced writer with a Bachelor of Arts degree majoring in writing and performance arts. She has studied further in both the design and mechanical engineering fields, and worked in a variety of areas including market research, business and IT management, and engineering. An avid technophile, Jen is intrigued by all the latest innovations and trending advances, and is happiest immersed in technology.

Four Trends and Realities Confronting Security Today

Four Trends and Realities Confronting Security Today

Realities Confronting Security Today, the number of attempted data breaches, cyber attacks, and other bad behavior by bad actors continues ...
Chris

Why Containers Can’t Solve All Your Problems In The Cloud

Containers and the cloud Docker and other container services are appealing for a good reason - they are lightweight and ...
Economic Arguments For Cloud-Based ERP

Economic Arguments For Cloud-Based ERP

Cloud-Based ERP If your business has reached the point where an ERP system is necessary and it’s time to decide ...
Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and ...
David

De-Archiving: What Is It and Who’s Doing It?

De-Archiving I first heard the term “De-Archiving” a few months ago on a visit to a few studios in Hollywood ...
Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of ...
Palo Alto Networks Commitment to Educating European CEOs and Boards on Cybersecurity as a Business Issue

Palo Alto Networks Commitment to Educating European CEOs and Boards on Cybersecurity as a Business Issue

In recent years, the topic of cybersecurity awareness, education, training, and skills has grown in importance across the European Union. On each trip I take to Brussels, I am struck by how this is a ...
AT&T Unveils $15-a-Month Video Service

AT&T Unveils $15-a-Month Video Service

Wireless company’s fees for programmers would depart from industry practice AT&T Inc. T -1.20% on Thursday unveiled a new video service, called WatchTV, that aims to use a “skinny bundle” of channels to recapture some ...
F-Secure Takes A Big Step Towards Cyber Security Leadership By Acquiring MWR InfoSecurity

F-Secure Takes A Big Step Towards Cyber Security Leadership By Acquiring MWR InfoSecurity

Acquisition adds industry leading threat hunting platform to F-Secure’s detection and response offering and expands cyber security services to the biggest markets globally F-Secure Corporation, Stock Exchange Release 18 June, 2018 at 09:00 EEST F-Secure ...