Recently, another huge data breach occurred as Anthem Healthcare had over 80 million customer records compromised. Estimates are this breach is going to cost Anthem upwards of $100 million to rectify. And offering credit and identity theft monitoring, while helpful, won’t mean the experience will be painless for the people impacted if their identity is stolen. Unfortunately, these data breaches or data “thefts” have almost become commonplace. While the larger incidents get the headlines this can happen to companies of all sizes. The magnitude will be different, but the effects are the same for the company and its customers.
I use the word thefts instead of breaches because someone stole critical information. There was a break-in and valuables were taken. In this case it was social security numbers, but it could just as easily been credit card numbers, or company confidential information.
When I explain what happens with these breaches to people outside of tech, I compare it to a bank robbery. The breach is sort of like breaking and entering. Someone has gained access. In the case of bank robbery it is physical access, in the case of data theft it is virtual access. The end result is someone is inside looking for valuables. In a bank if the breach occurs after hours, all of the valuables should be secured in a vault. So there may not be much to steal. Likewise, in the case of data theft, all the valuables should be secured, but they may not be.
The obvious answer for stopping the theft is to eliminate the breaches. While this would be ideal, it is likely not realistic. That’s because as companies get smarter in trying to eliminate breaches, the thieves get smarter and more sophisticated as well.
A company needs to be vigilant to ensure value data isn’t accessible. Valuable data can be company specific, but there is some commonality. Things like personal identifiable information (PII), including credit card numbers and social security numbers are just a few of things to protect. There is also company specific information (intellectual property, financial data, etc.) that needs to be protected as well.
People I talk with have a hard time understanding the concept of data theft since it often happens in the virtual world. Data theft has a footprint similar to a physical robbery. First there’s the break-in, where someone gets into the network. Then they start to try and access the computers on the network. Once they access the computers, they start looking at the data. They could be in the network for days poking around, it is really hard to say. Many companies have likely been breached and don’t even know it.
Knowing the pattern most data-thieves follow it’s obvious where the breakdowns start and where we can do our part to protect sensitive data. There will be a continuous race for the companies to secure and protect their networks. Once thieves have access to the servers it is important there’s nothing valuable to steal.
To protect their sensitive and high value data, a four-pronged approach is needed where organizations:
- prevent access without proper credentials;
- limit the ability to access the network;
- make sure sensitive data and personally identifiable information is in the proper location and is secured properly;
- put a mechanism in place that understands when someone has accessed a file containing sensitive data or personally identifiable information.
In the event of a breach, one of the more important capabilities is to be able to perform full data forensics and audit trails. By doing so, you can determine who accessed what files when and whether or not that access was inappropriate. Not only that, but you need to know if there was confidential information in the data that was accessed, either purposefully or inadvertently. DataGravity can help you with data forensics and audit trails, right at the storage level. You can learn more about our Governance, Risk and Compliance solutions here.
Burying your head in the sand, saying it won’t happen or worse yet, waiting for the inevitable and accepting the consequences before it happens is not a solution.
What are you doing to protect your data house?2 Likes