BRAND VISIBILITY 2019

The CloudTweaks brand visibility 2019 program provides a number of terrific opportunities to help leverage your brand and service bringing it to the forefront of the technology world. We provide sponsorship, lead generation services, custom content packages, blog management and promotion. Contact us for a quote!

partner-fortune-cloudtweaks
Daren Glenister

Turn to the Cloud as Part of Your Data Breach Strategy

Data Breach Strategy

The latest Verizon Data Breach Investigations Report is out, and the verdict is in: data breaches are on the rise. While the news shouldn’t surprise anyone, there are some actionable insights to help improve cybersecurity organizational approaches and reduce regulatory risks.

The numbers don’t lie

Since its first release in 2003, this report has identified human error and carelessness as two of the biggest data breach enablers found in organizations worldwide. While these actions are both avoidable, they’ve consistently been the top culprits contributing to data breaches.

Despite the rise in awareness around bad user habits and the availability of a proliferation of security solutions on the market, the figures in the 2017 report reveal that user behavior is still the biggest threat:

  • 81% of hacking-related breaches leveraged either stolen or weak passwords
  • 39% of breaches occurred in Financial Services and Healthcare – two of the most heavily regulated industries
  • 51% involved criminal gangs
  • 25% of breaches involved internal actors
  • 21% were related to espionage

The report provides a very sobering view on the top risks associated with breaches that doesn’t seem to be getting any better. So, what’s the best way to reduce your chance of being breached? Let’s take a look.

The password double-edged sword

Stolen or weak passwords are a hackers delight. Once they guess or obtain your password, all of your information is theirs for the taking. This is why users are encouraged to keep changing their passwords or use complex passwords that are hard to guess. Using simple Multi-Factor Authentication (MFA) technologies not only increases security, but also provides a second layer of proof. By identifying the user by password AND something else, such as access to a specific physical device, it’s harder for hackers to crack your info.

If you work in Financial Services or Healthcare, you should immediately up your password game. Both industries are attractive to hackers due to the amount of sensitive information they can gather by cracking your code. For example, medical records are extremely valuable and can lead to fake ID creation and/or identity theft – both of which are big money makers on the black market.

Where’s the leak?

Data leak

The internal actors that commit 25% of data breaches are just bad business. These breaches – which are commonly committed by employees, partners, contractors – demonstrate that the organization breached does not have their content under control and out of harm’s way. If an employee requires access to specific data or files to do his/her job, that individual should have access to only that – not everything.

For example, contractors should only have access to the information they need to complete their job. Once that job is done, access should be removed quickly. When access to sensitive information is required, using tools such as Information Rights Management (IRM) ensures that only specific actions can be taken with that content (e.g., read-only, no printing), and watermarking clearly identifies the origins of a document right on the page, allowing use but not theft.

When bad actors achieve unauthorized access, all sensitive business information or Personally Identifiable Information (PII) should be unattainable. Encryption prevents classified information from ending up in the wrong hands, and functionalities like IRM or Customer Managed Encryption Keys (CMK) ensure access to content can be switched off, helping prevent espionage.

Data breach concerns are universal

Organizations in all industries face data breach issues. By ignoring them, you run the risk of not only losing business information, but also the potential loss of PII. The consequences can be more than just the prospect of non-compliance with regulatory issues, such as the impending GDPR, but reputational risk is also a possible outcome— resulting in lowered market value and loss of customers.

How can data breaches be prevented?

The first step to preventing data breaches is to take on the “not if, but when” mindset – be paranoid. By following simple steps outlined above, such as incorporating MFA into password-protected systems and using secure cloud collaboration technologies, you can reduce the likelihood of being breached and protect both your organization and sensitive information. However, you have to constantly monitor your security posture and that of your cloud vendors. Many cloud vendors have a security posture that is more secure than your own, use all the resources available to you Choose your cloud vendors carefully and you’ll be able to rely on them to keep your information private and secure.

By Daren Glenister

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website

Driving Transformation? It is possible to predict the future.

Driving Transformation? It is possible to predict the future.

Driving Transformation Previously, I wrote about the criticality of defining the Vision for your transformation - what is your real objective, how ...
Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a ...
Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, ...
The Massive Growth of the IoT Services Market

The Massive Growth of the IoT Services Market

Growth of the IoT Services While the Internet of Things has become a popular concept among tech crowds, the consumer ...
blcokchain contributor

Cryptographic Key Generation – It’s Time To Pay Attention

Cryptographic Key Generation When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only ...
Survey results reveal the biggest Artificial Intelligence challenges

Survey results reveal the biggest Artificial Intelligence challenges

Biggest Artificial Intelligence Challenges We’ve been told countless times over the past few years what an impact Artificial Intelligence (AI) ...

Cloud Community Supporters

(ISC)²
AWS
HPE
CA Technologies
Cisco

Cloud community support comes from sponsorship, service opportunities and collaborative network partnership initiatives.

When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

The Communications Cloud As more and more real-time communications – whether voice, messaging, video or collaboration – move to distributed software and cloud infrastructure, the management and security of real-time services becomes increasingly complex. Enterprises are moving to a zero-trust security posture, which means that every
The Digital Economy: Embracing The Latest Technological Advancements

The Digital Economy: Embracing The Latest Technological Advancements

The Digital Economy As you would expect, for any business to achieve successful growth and meet its objectives, it must be willing to embrace the latest technological advancements. Whilst big data and business intelligence (BI) don’t exactly top the leaderboard when it comes to the

"Top 100 Brand Influencer, Cloud”
-ONALYTICA

"Best Cloud Computing Blog"
-SYSADMIN MAGAZINE

"Top 10 Sites For Cloud Computing"
-DIGITALISTMAG SAP

"Top 10 Cloud Computing Blogs”
-MARKETING ENVY

"Top 25 Must Read Cloud Blogs"
-CLOUDENDURE