CLOUDTWEAKS CONTRIBUTOR PROGRAM

Join the CloudTweaks thought leadership contributor program which includes a customized profile, branded identity page, newsletter marketing, social amplification and more...

The program is currently available to consultants, influencers or executive level contributors.

Daren Glenister

Turn to the Cloud as Part of Your Data Breach Strategy

Data Breach Strategy

The latest Verizon Data Breach Investigations Report is out, and the verdict is in: data breaches are on the rise. While the news shouldn’t surprise anyone, there are some actionable insights to help improve cybersecurity organizational approaches and reduce regulatory risks.

The numbers don’t lie

Since its first release in 2003, this report has identified human error and carelessness as two of the biggest data breach enablers found in organizations worldwide. While these actions are both avoidable, they’ve consistently been the top culprits contributing to data breaches.

Despite the rise in awareness around bad user habits and the availability of a proliferation of security solutions on the market, the figures in the 2017 report reveal that user behavior is still the biggest threat:

  • 81% of hacking-related breaches leveraged either stolen or weak passwords
  • 39% of breaches occurred in Financial Services and Healthcare – two of the most heavily regulated industries
  • 51% involved criminal gangs
  • 25% of breaches involved internal actors
  • 21% were related to espionage

The report provides a very sobering view on the top risks associated with breaches that doesn’t seem to be getting any better. So, what’s the best way to reduce your chance of being breached? Let’s take a look.

The password double-edged sword

Stolen or weak passwords are a hackers delight. Once they guess or obtain your password, all of your information is theirs for the taking. This is why users are encouraged to keep changing their passwords or use complex passwords that are hard to guess. Using simple Multi-Factor Authentication (MFA) technologies not only increases security, but also provides a second layer of proof. By identifying the user by password AND something else, such as access to a specific physical device, it’s harder for hackers to crack your info.

If you work in Financial Services or Healthcare, you should immediately up your password game. Both industries are attractive to hackers due to the amount of sensitive information they can gather by cracking your code. For example, medical records are extremely valuable and can lead to fake ID creation and/or identity theft – both of which are big money makers on the black market.

Where’s the leak?

Data leak

The internal actors that commit 25% of data breaches are just bad business. These breaches – which are commonly committed by employees, partners, contractors – demonstrate that the organization breached does not have their content under control and out of harm’s way. If an employee requires access to specific data or files to do his/her job, that individual should have access to only that – not everything.

For example, contractors should only have access to the information they need to complete their job. Once that job is done, access should be removed quickly. When access to sensitive information is required, using tools such as Information Rights Management (IRM) ensures that only specific actions can be taken with that content (e.g., read-only, no printing), and watermarking clearly identifies the origins of a document right on the page, allowing use but not theft.

When bad actors achieve unauthorized access, all sensitive business information or Personally Identifiable Information (PII) should be unattainable. Encryption prevents classified information from ending up in the wrong hands, and functionalities like IRM or Customer Managed Encryption Keys (CMK) ensure access to content can be switched off, helping prevent espionage.

Data breach concerns are universal

Organizations in all industries face data breach issues. By ignoring them, you run the risk of not only losing business information, but also the potential loss of PII. The consequences can be more than just the prospect of non-compliance with regulatory issues, such as the impending GDPR, but reputational risk is also a possible outcome— resulting in lowered market value and loss of customers.

How can data breaches be prevented?

The first step to preventing data breaches is to take on the “not if, but when” mindset – be paranoid. By following simple steps outlined above, such as incorporating MFA into password-protected systems and using secure cloud collaboration technologies, you can reduce the likelihood of being breached and protect both your organization and sensitive information. However, you have to constantly monitor your security posture and that of your cloud vendors. Many cloud vendors have a security posture that is more secure than your own, use all the resources available to you Choose your cloud vendors carefully and you’ll be able to rely on them to keep your information private and secure.

By Daren Glenister

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website
The Lighter Side Of The Cloud - Down The Drain
The Lighter Side Of The Cloud - The Weatherman
The Lighter Side Of The Cloud - Resolutions
The Lighter Side Of The Cloud - Troglodytes
The Lighter Side Of The Cloud - Accountability
State of the Cloud Report

State of the Cloud Report

Cloud Report As the definitive guide to the biggest trends in the cloud industry, this year’s “State of the Cloud ...
Everyone Has Data, but the Ones Who Can Optimize It Will Be the Winners

Everyone Has Data, but the Ones Who Can Optimize It Will Be the Winners

Big Data Strategies Data is ubiquitous, but success apparently isn’t. Companies using big data strategies are running headlong into an 85 ...
Death of Traditional Enterprise Storage

Death of Traditional Enterprise Storage

Traditional Enterprise Storage Back in 2003, Chris Pinkham and Benjamin Black, two engineers working for Amazon.com, proposed a dramatic overhaul ...
Infatuation leads to love - How container orchestration and federation enables multi-cloud competition

Infatuation leads to love – How container orchestration and federation enables multi-cloud competition

Container Orchestration The use of containers by developers -- and now increasingly IT operators -- has grown from infatuation to ...
When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

The Communications Cloud As more and more real-time communications – whether voice, messaging, video or collaboration – move to distributed software ...
Multi or Hybrid Cloud, What’s the Difference?

Multi or Hybrid Cloud, What’s the Difference?

Multi Cloud You’ve likely heard about the latest trend in cloud computing commonly referred to as multi-cloud, and it is ...
Imminent IoT Eye-Tracking Technologies To Transform The Connected World

Imminent IoT Eye-Tracking Technologies To Transform The Connected World

IoT Eye Tracking Smelling may be the first of the perceptible senses, but the eye is the fastest moving organ ...
Free Report: "Gartner Report: 2018 CEO Survey"

Free Report: “Gartner Report: 2018 CEO Survey”

Deep discipline is required for digital business. Read the full report to learn how to: Prepare for more deeply disciplined exploitation of the digital business changes ahead, Lock the leadership into winning through digital business, Drive business model changes and ...
DevOps

DevOps

FIRST THINGS FIRST. WHAT ARE MICROSERVICES? Microservices are an engineering approach and architectural style of computing that is becoming extremely important for organizations wanting to innovate through a stronger engagement with their ecosystem of customers, suppliers and partners. To explain ...
15 Promising Cloud-Based Video Conferencing Services

15 Promising Cloud-Based Video Conferencing Services

Cloud Video Conferencing Services We have put together a compilation of some of the best cloud based conferencing services for businesses. The cloud video conferencing services market is expected to reach US$ 6.40 Billion by 2020 from the current $3.31 ...
12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services For Your Company

Business Intelligence (BI) Services Business Intelligence (BI) services have recently seen an explosion of innovation and choices for business owners and entrepreneurs. So many choices, in fact, that many companies aren’t sure which business intelligence company to use. To help ...
Infographic - Internet of Things (IoT) Will Be Top Technology Investment

Infographic – Internet of Things (IoT) Will Be Top Technology Investment

Internet of Things Investment Investors are jumping all over the opportunities abound when it comes to the Internet of Things and Big Data. There is simply way too much money at stake to ignore the potential that is going to truly ...
The Future Of Cybersecurity

The Future Of Cybersecurity

The Future of Cybersecurity In 2013, President Obama issued an Executive Order to protect critical infrastructure by establishing baseline security standards. One year later, the government announced the cybersecurity framework, a voluntary how-to guide to strengthen cybersecurity and meanwhile, the ...