Internal Security Breach : You Might Opened the Door
November 24, 2016
Have you ever heard about Internal Security Breach ? or have your company experienced it ?
The memory of US presidential election has not completely gone from everyone’s mind. Despite the fact that Trump is now the new POTUS, we can all agree that the leak of Hillary Clinton’s e-mails is one of the most shocking events that took place around the election. In fact, this leak had happened before in 2014. But earlier this year, another 165 pages of emails were released, including some she had deleted. It all happened because she chose to use a private email server.
Clinton’s emails leak is just one major example of how security data plays a very important role in today’s digital era. It also shows how vulnerable private server is. You may want to hide behind the word “private” or “personal”, but take a look at Clinton. Well, she’s not the first official to use private email and certainly not the last, but there are serious security issues associated with these kinds of service. When you use a private server, any protection it has there will be limited to your own personal resources.
Sadly, when it comes to protecting data, most companies these days tend to do it only from the outside or perimeter, not the assets itself. Meanwhile, the internal threat is as dangerous and risky as the external ones. In fact, the majority of data breaches happen from the inside, thus it becomes easy for the outsiders to hack into the system and steal your credentials. When there’s an employee clicks untrusted links on the internet or sticking a flash disk that has been injected with a malware he’s not aware of, that’s when your data is being attacked.
You don’t want your confidential data gets taken. Imagine if what happened to Clinton happens to you. You may not run for a US presidential election, but your company is worth to be protected. If your credentials got leaked, your competitors would eat you alive. The reputation you’ve been building so hard, it all would crumble.
That’s why you should really start protecting your sensitive data from the inside, not just from the perimeter. Most of the time, this issue will cause a data breach because there’s no proper authorization flow. But, you won’t have to experience that if you use the right tool that allows you to request access to folders, groups, distribution lists, etc. through an easy-to-use web form. Each request should be routed to the proper stakeholders based on the workflows you setup. Data owners and authorizers, then, can respond to permissions requests directly via email or within the tool’s web application.
While we’re at it, we also want to remind you that it’s important for you to do a data classification systematically. Did you know that 64% of organizations say they don’t know where their sensitive content is located or who can access it? If you reckon yourself as one of those 64% organizations, then you must really consider to classify your data. Not to mention that on average there are fifty thousand folders in just a single terabyte of data. Such high number will make it difficult to specify which folders contain sensitive files. That’s why you need to do data classification. It will quickly discover your sensitive content, show you where it is exposed, and help you lock it down without interrupting business. No more data breaches. To find out how CTI Group could help you to securing your data from both external and internal using the latest technology for your business, please check our latest solution eCatalogue.