The Latest / Data Security News
May 16, 2019
We see a lot of data security issues across industries, countries and organizations. It’s not hard to find news every week of the latest hack of security incident. What are some of the most common issues and how can they be combatted?
Unauthorized access is among the biggest data security issues facing organizations. Perhaps it’s the biggest. Through leaked password, phishing and social engineering, hackers so often cause trouble by compromising user accounts to networks.
By logging in with legitimate credentials, it can be hard for organizations to spot the damage before it’s too late. What organizations need to tackle the issue is multi-factor authentication. For example, biometrics ensure that the person is who they say they are, and when combined with something you have, such as am RFID card, something you know, such as a password or phrase, the chances of unauthorized access are reduced to zero.
This is becoming less of a problem, as more organizations are taking to encrypting their data. It’s certainly noticeable when organizations don’t. The damage to your organization can be colossal when data is not properly encrypted. A leaked encrypted database of passwords is one thing, but when a database of passwords is leaked and they are held in plaintext, the damage caused is massive and instant.
It gives hackers a huge database to attack people across the internet, not just on the service that was hacked in the first place. Organizations need to be using encryption to limit the damage should hackers get into their networks. Global Data Sentinel has a comprehensive approach to encryption that ensures security of each and every file.
Ransomware attacks are not as popular as they once were, but they are a threat organizations need to be prepared for. Ransomware encrypts your files and do not provide you with the decryption key unless a ransom is paid.
Organizations need the tools and knowledge to detect ransomware early when it enters their systems, and they need strong back-up and version control in order to limit the amount of damage any attack can cause. These tools, crucially, let you minimize the amount of downtime a ransomware attack can cause, often more costly than the ransom itself.
One of the largest growing data security issues, mainly taking the place of ransomware, has been cryptojacking. This threat infects your systems in much the same way other malware like ransomware does. Through links or attachments in emails or embedded in adverts online. However, once on your system, unlike ransomware, it does everything it can to make its presence unknown.
Instead it quietly in the background sucks up computational power and mines for cryptocurrencies for the hacker’s benefit. Organizations need to keep their detection tools up to date and informed of the signs of cryptojacking. To fight this threat, your systems need to be able to detect the subtle signs. Behavioral analysis and AI intelligence can help create a system that learns and helps tackle the issue.
We’ve concentrated so far on the data security issues that your organization can face from hackers. But the reality is, a huge number of security incident don’t have a nefarious quality. Mistakes caused by employees are often overlooked and neglected.
Good cyber security is not just about keeping attackers out but ensuring those within your network can operate in a safe and secure way. Global Data Sentinel helps achieve that in a couple of ways. For a start, through encryption and identity management, you can keep access to files on a need to access basis.
Limiting access to what people within your organization actually need is a great starting point. It stops them from accidentally leaking or sharing sensitive data they should never have had access to in the first place. On-the-fly, we let you customize each person’s access.
Global Data Sentinel also offers a secure email plug-in. We let you encrypt all your emails you send internally and externally. In practice this means that for people to read your emails they need the keys to decrypt them. Those keys are easily distributed, ensuring email remains convenient. But crucially, you can revoke those encryption keys at any time you wish. Send an email to the wrong person? No problem, just revoke the encryption key and they will never be able to read it.
Change your mind, or don’t want the contents of your email to sit on someone’s server? Again, just revoke the encryption keys. You can even send emails that restrict the receiver’s ability to forward or edit any attachments.
Solutions that reduce human error are just as important as those that keep out hackers.