Are you leaving an open door for hackers? Could your decisions endanger your business? This nightmare became a reality for film giant Sony Pictures when a data breach led to five films being leaked and downloaded two million times. Five executive salaries and budgets were also compromised, leading to a disaster that threatened to destroy .6 billion in revenues for 2014. So, where did they go wrong?
Sony had poor safeguards in place, never expecting a cyberattack could take them down. Bad relationships with ex-employees may have further aggravated the circumstances — Sony had laid off hundreds of employees the past year. Some of these employees had administrative access and the means to carry out such an attack.
Today, let’s explore best data breach prevention practices so your business doesn’t end up like Sony.
What Causes Data Breaches?
According to a study conducted by Verizon, 52% of all data breaches were perpetrated by hackers. These hackers were able to access the network in multiple ways: 76% of data breaches were attributed to weak credentials, while privilege abuse, the practice where employees inappropriately use their administrative access for personal gain, comprised 13% of these hacks. All of these statistics have one thing in common: humans.
Data breach prevention starts with addressing the human component of your business. Untrained employees leave the door wide open for hackers to step in and take your data. For video production companies, employees can share proprietary commercial and web videos with clients. If this information were to fall into a competitor’s hands, it would mean a loss of competitive advantage for both the production and client companies.
The first step in prevention is recognizing the common pitfalls of employees. Then you must learn how to overcome them through technology and education.
1. Keep Your Information Off the Red Carpet — Share and Store Securely
Similar to the early stages of filmmaking, businesses exchange sensitive documents. These include budgets, contracts and salary negotiations. To the employee who is just trying to complete projects in an efficient manner, technical delays aren’t an option.
Many employees may decide sharing sensitive documents via email or cloud storage is the most efficient option. Yet, sharing a file through consumer cloud services triples the probability of a major data breach. This means hackers could have access to your private and professional information.
How do you counter this? Use a file sharing and management tool designed with enterprises or businesses in mind. Consumer solutions like Dropbox aren’t safe for businesses because your IT department doesn’t retain control. Furthermore, data encryption is very limited. These are weaknesses that hackers could exploit. When choosing a solution, keep compliance features in mind. These include encryption, password protection and governance tools (we will talk about this next).
Once you have selected a cloud or hybrid service for your business, you must train your employees. In order to achieve the best results, employees must understand the importance of data protection. Some ways to engage employees include lunch-and-learns, an employee code of conduct for technology expectations document and personal training from the IT department.
2. Law of Least Privilege — Use Granular Permissions
With your secure file management solution in place, it’s time to assign user permissions to your data. You are automatically more susceptible to data breaches when you aren’t able to control who has access to information. So how do you decide user roles?
The Law of Least Privilege is the basic idea that you should only provide users with the access they legitimately need to complete their job. Granular user permissions is a governance tool that allows managers to assign who has access to folders and subfolders. A good rule of thumb for data breach prevention is to start with minimal permissions for the user. You can always rearrange folders or grant more access as needed.
Sony made a big mistake in data breach prevention. When they assigned user roles, they saved each user’s ID and password in a folder called Passwords. Remember, 76% of network intrusions result from weak credentials. In this case, the centrality of the credentials made this cyberattack relatively simple. Once a hacker entered the network, it was very easy to access business files — and very appetizing to access files in the Password folder!
SmartFile allows managers to either create a password or automate a password that will be sent to the user. Automated passwords are randomly generated and are not easily broken. This is because they contain special characters, random variations of letters, numbers and capitalization.
3. Be in the Know with Analytics and Automation
While data breach prevention includes employee training, IT departments can practice proactive auditing measures. Early detection can minimize damage. For 78% of organizations that experienced a data breach, it took weeks to uncover the extent of the damage and find the issue.
Analytics can tell you who has been accessing files, and automation can alert you when someone accesses a file. Knowing who is using the data can help detect outliers or suspicious activity. Ignorance is the gateway for hackers to get in, and stick around. Don’t stay in the dark about your user activity.
Alert your employees that you are monitoring their activity for both their personal and the firm’s safety. Employees will feel at ease knowing you take their work and information seriously, and those with bad intentions will be less likely to take action against you. If an employee quits or is fired, make sure to redact their permissions immediately. In the case of Sony, it is speculated that a disgruntled employee may have aided the hackers in the cyber attack.
4. Keep Guard with an On-Prem File Management Solution
Third-party personal cloud services aren’t ideal because the servers are not accessible by your IT department, therefore, they are unable to provide the safeguards and protection your business needs. An on-prem file management solution allows you to secure a cloud solution behind your on-prem firewall. You can use the appliance’s own native storage for your private cloud or create a cloud using existing primary storage and servers.
With more control and centralization of your network, companies can increase their preventative measures. With these tips, your business will be on the path of data breach prevention in no time!