Avoid five data security risks

If the enterprise thinks its data store is very safe, then it is a big mistake. At present, the problem of enterprise data leakage is very prominent, here we introduce five kinds of common data security risk, and give the suggestion of avoiding risk.

Let's think about one question: What is the biggest security threat to corporate data? If your answer is a hacker attack or an IT staff violation, that's not exactly true. Indeed, the hacker's malicious attack can always arouse people's high attention, malicious violations by IT staff are more intolerable, but in fact the most likely to leak enterprise data is those who do not have the slightest malice, in other words, internal employees are most likely to use network file sharing or laptop computers to cause data leaks.

According to Ponemon Institute's latest survey, internal staff carelessness is by far the biggest threat to enterprise data security, resulting in data security incidents as high as 78%. The report also points out that while companies are constantly trying and applying the latest enterprise internal data protection technologies, they are not fully aware of the security implications of in-house employees ' laptops and other mobile storage devices.

The Storage Network Industry Association (SNIA) has published an enterprise storage security self-assessment methodology to test the degree to which the enterprise protects data. The results show that most companies are currently plagued by data disclosure problems. ITRC (Identity theft Resource Center) also shows that in the United States, 2008 data leakage events than the previous year increased by 47%. "Besides these are only recorded figures, I often receive some promotional information in my email address, apparently my personal information has been leaked through some kind of channel." "Itrc's founder, identity management expert Craig Muller said.

In fact, people should now be fully aware of the seriousness of the problem. Another survey conducted in 2008 by Ponemon Institute showed that more than half of the 1795 respondents said they had been told more than two times over the past 24 months, while 8% said they had received more than four such notices. But so far, companies don't know how to protect themselves. In the survey of Ponemon Institute, only 16% of the 577 security experts said the current security measures were enough to protect the company's data.

At present, the only way to solve the problem is to learn from other enterprises to avoid similar problems. Here are five common data disclosure issues, each of which gives us recommendations for avoiding security risks.

Internal theft

In November 2007, senior administrators of Certegy Check Services (a subsidiary of Fidelity National Information Services) stole data from more than 8.5 million customers with privileged data access permissions. He then sold the data to an intermediary, at a price of 500,000 dollars, after which the middleman sold the data to other businesses. After the incident, the employee was sentenced to four years in prison and was responsible for compensation for 3.2 million dollars in economic losses. Certegy Check Services officials said the matter was quickly resolved and the customer's personal information was not compromised, but its customers received promotional messages from other vendors who bought the stolen data.

In another case, a technical expert working in DuPont copied 400 million dollars worth of trade secrets before leaving the company and then switched to a rival Asian company in DuPont. According to the court's records, he downloaded about 22,000 summaries and 16,700 PDF files using privileged access, which document the main product lines of DuPont, including some of the new technologies developed. He bargained with DuPont's rivals for two months before downloading the data and finally reached a "deal". According to these criminal records, the court sentenced it to serve 18 months.

Price: In the case of DuPont, the U.S. government eventually compensated for its losses by $180,000 trillion, but its leaked trade secrets were valued at more than $400 million trillion. Moreover, there is no evidence that DuPont's leaked data has been "complicit" by rivals, the technical expert, which has made it impossible for DuPont to solve the problem through more effective legal means.

According to Semple's research, customer information theft is more costly than theft of intellectual property. In 2008, the cost of Certegy Check services for customer information loss was 20,000 dollars per person.

Analysis: ITRC's report showed that 16% of the leaked incidents that took place in 2008 were caused by internal theft, twice times the size of 2007. The reason is that many companies are now "headhunting", accompanied by commercial crime--a study by the Carnegie Mellon University Computer Emergency Response Team (CERT) that half of corporate crime in the 1996 to 2007 was stealing trade secrets.

Cert points out that there are two major incentives for insiders to steal trade secrets: the ability to get money and the ability to gain a commercial advantage. Although the latter is mostly from the staff ready to switch to start, but this type of situation is most often after the staff left to be found, because it left a secret access to data records. Visible, internal threats are one of the challenges of data security management, especially for those who have privileged access to the staff.

Recommendation: First of all, it is recommended that enterprises do a good job of monitoring the database, the current available access rights for different users set limits, so that the system can easily detect whether the staff responsible for specific jobs have access to data beyond the scope of work. For example, the DuPont company discovered its illegal behavior because it detected an unusual visit to the electronic data library by the technical expert. In addition, once data leaks are detected, it is most important to move quickly to reduce the likelihood of information proliferation and to submit legal authorities to conduct a rapid forensic investigation.

Second, enterprises should use personal access control tools to ensure that every person who has visited important information is recorded in the system. In addition, databases that hold customer and employee information should be strictly restricted to access. In fact, as far as daily work is concerned, how many people can have access to ID numbers and social Security numbers without permission? Therefore, personal information should have the same level of confidentiality as trade secrets.

Again, it is recommended that you use a data-loss prevention tool to prevent personal data from leaking when it is emailed, printed, or copied to a portable computer and other external storage devices. Such tools warn and record administrators when they attempt to copy personally identifiable data. But at present, many enterprises do not apply similar censorship record tool.

In addition, it is important to strengthen internal controls and audits. For example, an enterprise can supervise by setting up a network to censor or record database activities. It may not be enough to save detailed records, and the enterprise also needs to audit to see if anyone has changed or illegally accessed the record. Of course, relying on technology alone is not going to work, and businesses need to make sure that the data users you trust are truly trustworthy.