As the world becomes more technical, digital, and interconnected, there are two factions at war. Those that want to keep your data secure, and those that wish to use it for profit, whether by stealing, selling, or other means.
Then of course, there is the 800lb gorilla of Murphy’s Law in the room, where data can be lost due to technical reasons and human error. Here are 3 ways most companies lose their client’s sensitive data to the predators on the outside. If it happened to Sony, it can happen to anyone!
1) System failures, hardware, software, coding errors:
This rarely happens to large companies, but small web hosting companies, or IT firms usually have growing pains when trying to establish themselves as a larger player. The transformation can be chaotic and errors can happen that lead to a loss of client data, or exposing the information to outside networks. This is a combination of human error and technical issues, as hardware and software are interwined but a good IT technician can avoid this most common error.
2) Virus! Got to love those Red boxes popping up on your computer:
Viruses and Spyware are annoying on a personal level, but if a systems network gets infected, there is a potential to insecurely send customer data into the hands of thieves and other nefarious characters. This can be anything, from the mundane street address, to credit card information. Occasionally, even governments have problems securing data online as organizations have exposed many undercover agents and other highly classified data.
3) Social Engineering – Preying on the unsuspected:
Chances are you aren’t easily fooled. This doesn’t mean everyone working in your company is the same way. As humans we love to help one another out, because we are altruistic in nature and don’t want to disapoint others, or cause any unwanted attention by going against what we think to be the norm. No matter how large and sophisticated a company becomes, it’s ultimately ran by people, and people are flawed and can be manipulated.
So those are the three most common reasons for having your client’s sensitive information exposed to the “public”. As we become more digital, there are solutions to be put in place, but when all else fails, technology insurance is a growing trend. Much like life, auto, and home owner’s, digital is not some ephereal, magic set of numbers, but instead has moved into a paradigm shift where it’s just as equally important to protect as the notepad in your desk.
Ways to Prevent:
1) Redundancy and Trained IT staff:
There should be backups to backups to backups, and so forth when dealing with bank information, or highly sensitive information. Encrypted passwords and up to date hardware and best practices for coding to eliminate hardware, software, and human errors.
2) Firewalls and Limited Access:
Gone are the days of keeping networks open. You must limit the access to certain machine by either firewalls or restricting passwords to set individuals, otherwise you might find someone logging in from other region into your network (combination of a person being lazy and social engineering his own situation).
3) Establish Protocols:
If someone tells you they are going to be in trouble if they don’t get a password, you need to have a set of standard operating procedures in place. This is the same reason why Nuclear weapons (supposedly) need two people to turn the key simultaneously, to avoid anyone jumping to solo conclusions.
In the end, if there is enough incentive and money behind hacking your network, rest assured someone, somewhere is plotting on it. By following these guidelines you’ll improve your chances of surviving the next digital heist.
Matthew Anton is currently working for insurancefortechs.com