The Latest / Data Security News
April 19, 2018
Organizations need data breach prevention solutions because the last thing they want to do is make it easy for hackers to compromise their data and their customers. A couple of recent incidents and vulnerabilities have shown the danger organizations can put data in if they don’t stay on top of cyber security.
A data vulnerability on the website of the chain of bakeries, Panera bread, has recently come to the public’s attention. The vulnerability made it easy for anyone with basic hacking know-how to access the personal data of customers who had ordered takeout on the company’s website.
Via a simple web query, you could access account holders’ full names, home addresses, email addresses, phone number and the last four digits of a saved credit card. Not a great situation. But more damning than the actual vulnerability is how Panera Bread seemed to handle the issue.
The company was made aware of the vulnerability in August last year by security researcher Dylan Houlihan. But despite acknowledgement – the issues remained unaddressed until Houlihan went public with the issue, frustrated by the lack of action.
Panera Bread said:
“Our investigation is continuing, but there is no evidence of payment card information nor a large number of records being accessed or retrieved.”
Such a lackadaisical approach to data breach prevention solutions is probably more damaging for customer relations than the vulnerability itself. But this lapsed consideration for data security is more widespread than we would perhaps like to think.
Other security researchers recently found 1.5 billion business and consumer files exposed online. The files, for the most part, were payroll and tax return files of companies. They were publicly available after being stored insecurely in Amazon Simple Storage Service (S3) buckets, rsync, Server Message Block (SMB), File Transfer Protocol (FTP) servers, misconfigured websites, and Network Attached Storage (NAS) drives.
The list of companies affected is comprehensive and the researchers have started notifying them were appropriate.
Organizations need data breach prevention solutions that protect their data at all times. Here at Global Data Sentinel, we think the way to achieve that is to change the approach to cyber security. Instead of creating a strong firewall around your network, trying to stop access, organizations need to take a more comprehensive approach.
Global Data Sentinel uses encryption on an individual basis for every single file and bit of data. Such extensive encryption delivers security that can travel with your data at all times. Combined with identity management for access control, it creates a security ecosystem that can be tracked and audited with great accuracy, allowing for the detection and prevention of data breaches.
Vulnerabilities are becoming far too common in today’s online world. Organizations need to start employing data breach prevention solutions that put them back in control of their data at all times.
Global Data Sentinel empowers its clients to take back full control over their data, eradicating the threat of cybercrime.
May 20, 2015