The world today is more interconnected than ever before giving rise to minefields that can lead to hacking, data breach, identity, and data theft. Such kinds of threats have become too common calling it as a new normal for the organizations that deal with personal user data. Here are few of the recent examples of a data breach that had financial implications:
Equifax is one of the largest credit bureaus in the U.S. The personal information that was stolen includes- Social Security Number, birth dates, addresses and even license plate numbers for almost 143 million consumers. Around 209,000 of consumers have their credit card data exposed. The breach said to be started on May-18 but wasn’t discovered until July-18.
2. JP Morgan Chase:
The largest bank in the nation came under attack during the summer of 2014. It had comprised the data for more than 76 million households and 7 million small businesses data. The data stolen included- name, phone numbers, email address including the internal information of the users registered with business institutions. The bank had released a statement that no money was stolen from the data breach or we also don’t expect any data breach that could affect the users monetarily.
During the month of September this year, a new revelation was made that an attack on the computer network had exposed the personal information for more than 50 million users. The attackers had exploited Facebook’s code to gain access to user information and take control of their accounts. The social networking giant is going through a lot of scrutinies because of recent data breaches that have affected the election results and even caused the death of people. The Facebook currently has more than 2.2 billion users and connects with many third-party apps, so securing the data of so many people with the level of feature it provides is difficult but achievable.
The Identity Theft Resource Center recently released a statement that this year from Jan 1 to August 31 there has been around 864 total breaches that exposed more than 34-million data records. Somewhere around 50 percent of the retailers had their data breached over the past year. Though a number of threats each year are going to multiply, enterprises have to be prepared with a security plan. The security plan should be technical covering all different aspects of data surrounding and robust enough to deal with internal and external threats.
For more information, you can download our Data Security whitepaper.
Protection with encryption is low-cost security but effective even for major organizations that deal with thousand bits of data. How can data encryption be defined:
1. Encryption Inside the Firewall
Encryption of data inside the firewall centers depends upon the type of drive you have inside your computers or servers. If you have SSD (Solid-state drive) the encryption can be seamless as the drive is faster in performance. Instead of using common HDD that is totally unprotected the use of SED (Self-Encrypting drive) minimize the risk of data breach.
Software vendors such as McAfee, Symantec, Winmagic provide different solutions that can provide data protection for the SSD/SED. Several types of SSDs/ SEDs are available that provides 256-bit AES hardware encryption and support trusted computing group (TCG) opal 2.0 security policies.
2. Protection Outside Firewall
Mobility has been regarded as one of the main features of a growing and successful economy. The devices connected to the enterprise network pose a major challenge when it comes to dealing with threats. App management solutions along with data or applications encryption can prevent data loss but it cannot guarantee a data protection. Having a data protection policy will help you to define your end goals for data security without shuddering the current system.
Data protection is a long process and when dealing with a growing business you need to include data protection as your first priority. A data breach can be avoided if proper encryption and data usage policy are strictly followed. All the above breaches discussed could have been avoided if the enterprises had decided in implementing a strict data usage policy from third-party apps and encrypting the data before its being transferred to the third-party user. For more information on data security, you can download our whitepaper.