We often associate a computer security breach with the theft or loss of information resulting from the intrusion of computer hackers. Indeed, these much talked about hackers are often the companies’ main worry. Is this fear justified? How do we prevent data theft or leakage?
One need only think of the hacking that took place at Ashley Madison last year. Information on members was collected, then disseminated. We learned this year that some 500 million Yahoo! members had the same thing happen to them, not to mention the massive hacking at Sony in 2014. The American company had been threatened at the time by a hacker group that if it did not answer their demands, a lot of secret information and movies would be made public before their release date.
Even more recently, a couple of weeks ago, there was a major DDoS attack which prevented access to important websites such as Paypal, Twitter, Spotify, and even CBC.
However, for SMBs in particular, the main risk does not come from the outside, but from the inside! Competitors are not always those who should be feared the most; in many cases, employees are the ones causing computer violations, whether it be intentional or not.
For example, an employee loses a smart phone without password protection. What if someone leaves the company and his access to the server is not removed? Access to accounts payable not only allows the disclosure of confidential information, but using them to place orders can also be problematic. The ex-employee could have his goods shipped elsewhere.
Naturally, some offenses are more serious than others, depending on the type of company. The idea is simply to pay attention to what is being done inside the company in terms of data protection since employees are responsible for 85% of corporate espionage.
In the beginning, the Internet was used to access online information and not for telecommuting using virtual private networks (VPN), as is the case today. There were websites but no applications intended for employees or customers, and there were no mobile devices to secure.
Today, with more and more SaaS’, such as Evernote, Dropbox, and other platforms of online storage, security has become a vital issue. Big companies are generally more aware of this type of risk, as opposed to SMBs who don’t always think about it.
If an employee uses software or an online service for data storage via his personal account and then leaves the company, to whom belongs the corporate information, accumulated for years, contained in the software? And if he copies the information using an online storage service, what prevents him from reusing it after his dismissal?
We therefore suggest you offer an internal service that will prevent data leakage related to the use of tools like Dropbox. If needed, you can also block access to other services.
Here are some strategies to prevent the risk of hacking and data leakage within your business. Of course, this is not a comprehensive list, but it may help you cover the main points.
Image credit : © EvgeniiAnd - Fotolia.com
 2014: A year of mega breaches, a Ponemon institute survey of 735 IY and IT security practitioner in the US.
The right use of technology addresses business challenges and drives business growth in all areas of an enterprise. We hope this blog will offer insight into developing strategies and tactics to enable you to identify those key drivers of growth and keep pace with and anticipate the rapid technology change of today.