Category Archives: Insider Threat

How to Use Prioritization to Enhance Your Data Security

Data loss prevention and data security can sometimes feel like a daunting and money draining task, particularly for SMBs. But cyberattacks and loss of data can be some of the biggest risks an organization can face in this modern-day climate. Companies don’t need to be big-name enterprises with large IT departments in order to operate as a top-performer in data loss prevention. When it comes to protecting companies and individuals from data loss, prioritization of data protection is key to successfully managing security, while still operating a well-running company.

  1. Knowledge is power

There are many studies that suggest that around one third of all companies lack sufficient policies for data encryption, classification and security. Knowing the risk and how your company might be affected is the first step towards data security.

  1. Consider the options

What is actually realistic for your business? While it is tempting to get caught up in the sophistication and benefits that some of these security systems hold, it’s important to prioritize what your company really needs for full protection. Extra benefits are nice-to-haves, and most security companies will scale plans up and down, so these can easily be considered once a working plan is in place.

  1. Learn about your company’s data

Back to the first point, knowledge is power – in order to be able to optimally prioritize data for security purposes, you need to know about your company’s data. What it does, who uses it, and how it moves around your computer systems. Depending on the size of your company, there are some mapping tools that can be put into place to assess this but you should also be looking for a general feel. In addition to the sophisticated software that’s out there, there’s an element of common sense to data security – if you think data could escape a particular route, it probably can.

  1. Top down data prioritization

Once you know the ins and outs of your company’s data, it’s important that you begin to assess the risk that a breach in data security poses for the different kind of files your company possesses. The higher the risk, the more priority needs to be given to ensuring that the data security around those files is impeccable.

  1. Balance it out

Bear in mind that often the more security and process you place around data, the more administration you are placing on your employees. Policies and verification processes all take time, and this adds up if it is manual time on each and every file the employee is using. Consider the effect that the loss of a particular piece of data will have on your company if it is released from your secure system. If the consequences are not high, and it’s much more effective for your business to run efficiently without cumbersome processes around those files, then go with that.

Prioritizing the kind of security that you employ to protect your company, and how you implement it, can sometimes mean the difference between being able to install security and data loss prevention plans in your company, or becoming like the one-third of businesses that have not done so. With these simple techniques, you should be able to efficiently breakdown and prioritize how to effectively go about protecting your company through data security.

Why a Data Breach Could Change Your Life – And What to Do About It

data loss preventionThe sensitive information of individuals is big business in the criminal world. An individual’s medical record can collect up to $50 on the black market, 50x that of a credit card record, and that’s before money has been elicited by using the record itself. Data breaches aren’t just confined to medical and financial though, in the modern world we are seeing trade secrets, intellectual property and other identification information being viewed or stolen by unauthorized individuals. Data breaches can dramatically affect your life, both as an individual citizen, but also as an employee or business owner. Fortunately though, there are ways to protect yourself.

Getting down to business

From a business perspective, data breach can be hugely damaging, to a company’s reputation as a whole as well as the consequences of what that data breach will bring. Particularly for companies that trade in knowledge sectors, data breaches can have hugely impactful and long-lasting effects if intellectual property or trade secrets are obtained by an unauthorized source. Companies have seen their long-term earning capacity significantly reduced, or even wiped out, from data breaches.

While the media generally highlights data breaches that happen on a mass scale to large and well-known brands, it is small to medium enterprises that can be hit hugely as their technology and processes are often not strong enough. Some studies suggest that almost 30% of SMEs have no plans in place to deal with security threats.

How to turn things around

A data breach response plan is crucial to maintaining the safety of your business. Sometimes it’s helpful to think about the digital risk of a data breach in the same way as a physical risk to your company, such as fire or theft. No company would operate without basic policies around high-risk areas, and data breach should be considered in this group.

A good data loss protection plan and state-of-the-art security will equip your company with the right tools and software to protect against ransomware, and inadvertent loss of data. But a truly great data loss protection plan is one that pre-empts the catastrophe by ensuring that all employees understand the level of risk associated with a data breach and are committed to putting in place best data loss protection practice in order to minimize the risk.

On an individual level

Whether you’re a business that holds sensitive information regarding individuals, or from an individual perspective, it is important to know the risks associated with having your personal data compromised. Of course, the consequences of stolen financial and medical records are fairly evident, but with the rise of sophisticated ransomware and malware techniques, criminals can embed themselves on your computer and commit serious crimes identity theft that you may not even be covered by in your insurance.

What to do about it

Firstly, look into how you’re currently protected on an insurance and a digital level and make the appropriate changes. Contact your bank and talk about options to protect your credit card online and fully understand their policies if your details are compromised. Shop around – protection isn’t standardized and different financial companies will offer different types of protection. That goes for your medical insurance also, contact your provider and get a clear understanding of what will happen if there is some kind of breach.

Then it’s time to look into your cybersecurity. Cyber criminals have gone from strength to strength in recent years so it is imperative to update your security and ensure the settings don’t ever have it sitting in an idle state. It’s also an excellent idea to look into password storage facilities like LastPass that enable you to have a different password on websites, particularly those you are sharing sensitive information with. Opt for a two-step verification process on any website that has it and use different security questions on different websites, where they are offered.

Data breach can have far-reaching and long-lasting effects on both individuals and companies. Put simply, the only way to combat this kind of criminal activity, as a citizen and as an SME or SMB, is through protection. For businesses, this involves a strategic data loss protection plan, as well as a crisis management plan if the worst happens and sensitive information, particularly that of individuals, gets into the wrong hands. For both businesses and individuals, computer security and prevention techniques when it comes to websites where your data could be compromised, are essential to mitigating the life-changing risk of a data breach.

Healthcare Industry Data Loss Problems – And Their Easy Solutions

According to a report by the Ponemon Institute, nearly 90% of healthcare organizations suffer data breaches. Internal threats such as mistakes—unintentional employee actions, stolen computing devices—account for nearly half of the data breaches. This statistic certainly serves to show the staggering problems around data loss in the healthcare industry. While the scale of the problem, and therefore the solutions to it, may seem incredibly vast, there are actually strategies healthcare organizations should be implementing in order to combat this high-risk situation.

Why is theft, or loss with malicious intent, so high?

Firstly, medical records can fetch up to 50 times that of credit card records on the black market. While that may seem far-fetched, it’s surprisingly not, given the amount of credibility medical records hold when it comes to identification. Criminals can easily use medical records to fraudulently bill insurance companies, obtain prescription medicine, in addition to other identity theft practices.

The move to digital and the losses that come with it

The digitization of medical records has been seen as a long overdue step by the medical community to reduce mounting hospital administration and provide patients with more reliable diagnoses and care. Proper due diligence isn’t being paid when it comes to data loss protection for a variety of reasons, budgeting, outdated technology and lack of knowledge among them. As a result, breaches into healthcare systems are becoming more and more commonplace, particularly as online criminals become more skillful, as well as hospital staff accidentally releasing sensitive patient information.

The problem areas

Data loss is considered to be one of the most commonplace ways for healthcare organizations to lose a patient’s medical files. The main problem areas include criminal attack, a stolen computing device, unintentional employee action and technical glitches in the system.

The root problem

At the root of these problems are outdated legacy systems and medical devices and poor training in data loss protection. Healthcare organizations have an extremely unique set of challenges when it comes to digitized information. Particularly for hospitals, the scale at which they work, is huge. The number of individuals who have files stored on their systems, as well as the number of medical professionals who are not highly skilled in computer literacy, is vast. Combine this with computer systems that need updating and a lack of budget to do so, and it is easy to see why data loss is so prevalent in the healthcare industry.

The solution

The solution to the problem can be simplified into two parts – update computer systems so that strong security measures can be put in place, and implement a data loss prevention strategy across the organization. The first solution requires budget, but it is imperative that this is prioritized. Ransomware and malware are becoming an increasingly prevalent, malicious, and ruthless way of obtaining data. Trends suggest that it will become even more of an issue in coming years and the only way to combat it is through state of the art security measures.

A data loss prevention strategy, while still costly, especially if implementing on a large scale, is more of an upfront cost and a slow burn investment. For healthcare organizations, a data loss prevention strategy is an incredibly cost-effective way to protect against data loss as much of it involves staff onboarding and communication in order to make it work. Of course, software systems need to be installed to protect files, but much of the hard work comes from ensuring that all staff understand what they need to be doing in order to avoid the inadvertent leakage of sensitive information.

With just a quick online search, you can see the mounting concern about protecting patient data in the healthcare industry, and the ever-growing and alarming statistics about how much data is currently being compromised. Healthcare organizations need to reprioritize budget in order to implement easy and effective solutions like state-of-the-art security, and a data loss prevention strategy that has buy-in from staff working both in hospitals and medical centers on network devices, and remotely on mobile.

5 Common Misconceptions About Data Loss Prevention Debunked

In an age where sensitive information lives in clouds and on endpoints, instead of behind lock and key, Data Loss Prevention has become big business. That infamous saying ‘at the click of a button’ now has to be a carefully monitored click to ensure that critical information isn’t shared with the outside world, either maliciously or by sheer human error. DLP can be a confusing area of the technology industry, not to be confused with its anti-virus counterparts, so we’re here to debunk some of the most common misconceptions people have around DLP:

The threat is from the outside
The ‘which is worse’ debate is hotly contested between inside vs outside threats, with the likes of Intel suggesting that internal actors were responsible for 43% of a company’s data loss, and half of this activity considered malicious, half accidental. Regardless of which statistical report you believe, internal threats make up a huge amount of a company’s data loss, particularly as internal threats have greater access to this data. They shouldn’t be ignored to focus on the, often perceived as more dangerous, outside threats.

Ready-to-wear solutions
Outside threats have held huge significance in our lives over the years – of any technological breach, outside threats are the ones that take up the most space in our news media, and what we absorb from the internet. Because of this, some company’s approach DLP from an ‘outside threat perspective.’ That is, they talk in the language of patches, firewalls and anti-malware. DLP needs a different approach because it is not a piece of software. The exciting thing about DLP is that it is an all-encompassing, working strategy fitted to your company, rather than an out-of-the-box, download it and hope it works software solution.

Call the IT department
Similar to our last point, there can be a misconception around who should be running a DLP strategy within a company. While DLP incorporates many technological elements to it, thinking that it should be an IT responsibility is along the same lines as treating DLP like it is simply software. To truly get the most out of a DLP strategy, it needs buy-in from all corners of the company. The threat is from the inside, therefore all those on the inside must be on-board with minimizing it, in order for it to work. How to do it? Delegate responsibility to its relevant skillset. Certainly pass over the specific technological aspects to the IT team, but also think of creative ways that leaders and communications specialists can communicate direction and action points to all staff.

Productivity grind
We have all experienced the dreaded words ‘new strategy’ at certain times in our career to be synonymous with ‘new admin’. It’s a common misconception that Data Loss Prevention will be time-consuming and add unnecessary frustration to a staff member’s already busy day. It’s crucial that we debunk this one as it is what will inevitably derail that buy-in from all staff members. DLP has been in the marketplace for a significant enough amount of time that its systems and protocols are fine-tuned and highly personalised. Professionals can look at a company and tailor a solution that’s convenient and efficient in requiring authorization only where it is needed. The key to this is, of course, how DLP strategy is implemented at the start. If policies clearly outline the levels of authorization, this clears up any risk of blanket rules applying across companies and slowing things down.

Too big to handle
For many small companies, DLP can seem overwhelming and the question is often raised as to whether it is really necessary for a small business to implement. The risk of data loss applies to all companies, big or small, so the question should be framed more around how sensitive the information is and how catastrophic it would be, should it be leaked. If the risk is high enough for either, then DLP shouldn’t be considered a solution that is too large for a small company. Because DLP is a series of policies and protocols, as well as the technological aspect, it can be applied incrementally. What is the area of a company that is most at risk? Set up DLP procedures around that data only and move on to the next important set of documents when you can.

While none of us want to believe that the employees who work for us, or alongside us, are capable of maliciously leaking sensitive data, the reality is that they are, as well as leaking it by accidental means. The Data Loss Protection marketplace looks to combat this with an holistic approach that involves more than just software and IT teams – it’s a company-wide program that, whose ownership firmly lies in the hands of the people who use it, not the technology itself.

Data Security Priorities for SMBs in 2017

Small- and medium-sized companies (SMBs) are equally vulnerable to cyber threats and data breaches as large enterprises. According to a survey of SMBs conducted by Ponemon Institute, nearly 55% of respondents said that they experienced a cyber-attack, and at least 50% had a data breach in the past 12 months. It was also revealed that negligent employees, contractors and third parties caused most data breaches.[1]

Here are the key reasons why SMBs are becoming more vulnerable

  • Security policy is not well defined.
  • The software and methods that are in place to prevent the breach are either obsolete or not capable enough to prevent the data leakage.
  • Lack of training to the employees.
  • Not enough budget is allotted to thwart the threat.
  • Strict adherence to follow the security procedure is lacking – weak or repetitive passwords. Encryption is missing in most of the cases.
  • BYOD policies are missing.
  • Protocol to be followed in case of leak is not defined, which could in turn restrict the extent of data loss.
  • There is rarely a dedicated IT personnel overlooking the security of the system. Thus, 24/7 observation is

For all of these reasons, the loss of sensitive data is often due to negligence of the company personnel. A lot can be averted if the following requirements are addressed in the security protocol.

These essential steps are recommended for SMBs to follow and implement in order to mitigate data breach threats.

  • Regular training sessions should be conducted for the employees. Users should be educated about cyber security and informed on how to deal with the sensitive information safely.
  • Password encryption should be a must. Implementation of two-factor authentication is an easy and affordable way to safeguard the cyber content.
  • Account management should be implemented. User-defined roles should dictate who gets what kind of access to the sensitive data. Authentication of the user and the device being used to access the information should be verified.
  • Clearly define the BYOD policies to the employees so that intentional or deliberate loss of data can be mitigated.
  • Software used should be current, thus making it less vulnerable to cyber threats.
  • Policies around what data can be copied and how and where it can be duplicated should be laid out for the users.

As we step into 2017, SMBs should start gearing up to implement tailored protocols to defend against data breach, particularly from insiders. Along with taking the steps mentioned above in stride, employees should be scrutinized for their behavior in the office. Even at the time of recruitment, proper background screening should be conducted. Getting the right kind of employees and following up with a robust plan for security will aptly help mitigate the threat.

[1] http://www.ponemon.org/blog/smbs-are-vulnerable-to-cyber-attacks

2016: Data Breach Statistics, Year until 10/19/2016

*The ITRC tracks seven categories of data loss methods: Insider Theft, Hacking, Data on the Move, Subcontractor/Third Party, Employee Error/Negligence, Accidental Web/Internet Exposure, and Physical Theft.

The ITRC tracks four types of compromised information: Social Security number, Credit/Debit Card number, Email/Password/User Name, and Protected Health Information (PHI).

Total records exposed only include records for which count is available.

Zecurion offers deeper insight into selected incidents caused either by accidental or intentional data breaches. With all such incidents, the common elements describing the impact of this growing problem are financial loss, compromised intellectual property and dwindling customer confidence. Let us see how some sectors have been impacted as of October 2016. The excerpts below only provide a glimpse of some of these incidents – the list goes on.

Government

August 26, 2016 – County of Sacramento, California, issued a statement that an unknown number of records with personal data were exposed due to an error in the online automated application for Emergency Medical Service license. The information included name, address, social security number, driver’s license, phone number, date of birth of the applicants. Although there has been no report of misuse of PII, yet the county offered one year credit monitoring services of Experian to the affected people as a precaution.

Source: California Attorney General

 Healthcare

September 26, 2016 – One worker at Yale- New Haven Hospital and her friend were arrested for illegally procuring classified personal information of at least 20 near death patients and using the stolen data to obtain credit cards, becoming beneficiaries in their insurances among other planned crimes. This had been going on for two years before they were caught. A year’s credit monitoring has been offered to the victims.

Source: Media: News 3

August 12, 2016 – Bon Secours Health System disclosed that R-C Healthcare Management, a third-party vendor managing their Medicare and Medicaid reimbursement, accidentally left patients’ files accessible over the internet while updating network settings. About 665,000 records containing patient name, health insurer’s name, health insurance identification number, social security number and some health information was exposed to the general public. A forensic investigator was hired to correctly identify people that were affected by this breach and then informed about the incident. 435,000 were from Virginia and the rest were from Kentucky and South Carolina. No misuse of the exposed data has been reported so far.

Source: Media: http://www.nbcconnecticut.com/

Business

September 22, 2016 – Premier America Credit Union, California, reported that a departing employee sent an account list containing name, address and maybe social security and/or employer Identification number to his personal email address for most likely solicitation purposes in future. The employee was reminded of his obligations and company regulations and advised not to use any of this information for any purpose. The management further offered complimentary one year credit monitoring services of Experian to the victims.

Source: California Attorney General
August 8, 2016 – 7-Eleven reported that in June 2016 during a regular maintenance cycle some of the franchisees received the records of employees other than their own franchisee’s employees. The exposed information contained name, address, phone number and social security number of 7,820 employees. The correction was completed within 5 days. 7-Eleven offered 12 months of First Watch Technologies’ professional identity monitoring service to the victims in addition to $1,000,000.00 in identity theft insurance with no deductible.

Source: California Attorney General

Keep Sensitive Data Secure on a Tight Budget

As more services move towards the cloud, it is important to establish network security so as to ensure secure data transfer. Similarly, businesses that manage critical personal data need to maintain airtight security policies and procedures. Not having such policies in place may lead to security breaches or expensive client lawsuits. According to a 2016 report from the Ponemon Institute, almost 50 percent of small organizations that were surveyed experienced a data breach in the previous year. Another research by Symantec found that almost 43 percent of cyber-attacks in 2015 were targeted towards small businesses, up from 18 percent in 2011.

Small businesses make for an enticing target as they usually do not have the necessary security controls in place to secure their financial data from internal as well as external threats. Here are some low budget tips that can help small businesses keep their financial data safe.

  • Install proper network and work station controls such as properly configured firewall, anti-virus software, and updated patches for all hardware and software. Criminals usually try to exploit sensitive data such as Personally Identifiable Information (PIT), business trade secrets, financial data and other critical company information. Organizations must have restrictions in place for allowing only the least number of employees having access to sensitive information, especially financial or that related to security. Strict compliance must be ensured and employees must be trained and updated about it. This will help reduce incidents of data loss/ theft. Access to all storage, computing and online-based media like servers and databases must be restricted to only a few trusted employees.
  • Establish a culture of security by training and informing employees about accessing unsafe websites while at work that may result in major breaches. Companies may also resort to block access to certain sites for security reasons.
  • Conduct periodic testing to keep a check on vulnerabilities. The frequency of testing must depend on functional criticality and size of the company. With smartphones being used as devices for transfer of data, companies must ensure that these devices also fall under the purview of DLP policies and practices. Mobile devices must have anti-virus software installed and be up-to-date.
  • Get finance teams/ CTOs involved to understand the risks involved and get a holistic view of what can be done to mitigate these risks at the base level – without incurring too much cost.
  • Implement two-factor authentication along with strong password policy. Two-factor authentication requires use of a password plus a code or a biometric marker to access data. The additional layer of security makes access to sensitive data more difficult.
  • Set aside a small budget specifically for continuous monitoring or security-related loopholes to help ward off any attacks and threats. If utilizing the services of third party vendors for securely managing data, have a Service Level Agreement (SLA) which details security expectations and gives the right to thoroughly audit the vendor to confirm and ensure compliance with policies.

In essence, by just implementing and following certain basic tenets of security, most organizations can secure their sensitive data with bare minimum costs.

Why Biometrics Should be Used?

Biometrics is a way of making sure that the user is who he or she claims to be, thus eliminating unauthorized access to information and safeguarding it from internal threats. With data breaches becoming more complicated and impacting all sectors, organizations are gradually complementing traditional authentication techniques, especially passwords, with biometric technology. To fully understand the potential that biometrics offers towards enhancing data security, let us first understand what biometric identifies are, how they can be deployed and advantages that the technology offers.

Biometric Identifiers

The term “Biometrics” is coined with two words “bio” and “metric” meaning life and measure respectively. The underlying meaning is that every human is unique and can be recognized/ identified by his or her intrinsic physical or behavioral traits.

Fingerprints, face, retina, voice, ear features, typing rhythm, gait and gestures constitute as biometric identifiers. For security, a single or a composition of multiple identifiers can be used. Research and development is actively underway to encompass brainwave signals, electronic tattoos and microchips under biometric identifiers.

Biometrics Deployment

Fingerprint scanners, face recognition software and biometric hand reader are some of the platforms that are based on biometric technologies. Adoption of biometrics at various access points and endpoints is greatly beneficial in preventing unauthorized access and hence data loss either accidently or on purpose.

A study by ABI Research states that consumer and enterprise spending on biometrics is growing at a rate of 29% per year, with market size expected to reach $36.8 billion by 2020. Retail and banking sectors are leading in the adoption of biometric technologies because of the sheer volume of sensitive data they process.

Biometrics Advantages

While biometrics is gradually becoming a part of our daily lives – common examples being checks at international airports and fingerprint recognition on mobile devices – a number of organizations are yet to fully realize the capability that the technology offers. There are many advantages of deploying biometric technologies. These are:

  • Biometrics are extremely accurate, though not 100%, as the identifiers are unique to each user.
  • While passwords can be replicated making the system vulnerable to unauthorized users, biometric identifiers are difficult to break and thus offer very reliable data security mechanism.
  • Automated biometric verification is a very quick process.
  • Biometrics do not require multi-layer authentication. They are user friendly and lift up the burden from the user to remember various complex passwords. This saves time without compromising the security of sensitive data.

Conclusion

Organizations can enhance traditional authentication methods that they use by introducing biometrics – an additional security layer that answers “Who I am”. While barriers to adoption remain high, mainly being cost and privacy, the number of real-word applications for biometrics has been increasing. It remains to be seen if biometrics will emerge as the answer to most data theft problems or if it will only continue to act as an additional assurance to prevent data loss.

Best Practices for Enhancing Mobile Data Security

Data loss, whether intentional or unintentional, not only leads to financial loss but also leaves a lasting impact on goodwill of the organization. With increased enterprise mobility, organizations need to implement strict regulations and safeguard confidential resources from falling into wrong hands.

BYOD, the key driver for enterprise mobility, has increased productivity and reduced costs as employees can now access corporate emails, messages, text and work files from their own personal device. They can be virtually anywhere while still being productive.

The stereotype work culture of commuting to the office or working from one fixed desktop is already a thing of the past. According to Fliplet, worldwide more than 1.3 billion workers use various mobile devices for work. Studies have also shown that usage of smart phones by mobile workforce results in increased productivity of work – a six weeks’ worth equivalent to almost 240 more hours per employee annually. BYOD is therefore here to stay and is being recognized as a megatrend impacting small and big enterprises.

However, the flip side to it is that it has also resulted in increased vulnerability of mobile data. Towards this, Zecurion recommends 10 best practices to enhance mobile data security.

  1. Classify, Tag and Analyze Data

Classifying and digitally tagging data will prevent data loss in case it falls into wrong hands. Classification of data is compulsory in order to correctly deploy the tool to thwart the loss.  Once classification of data is completed by a team of experts – comprising business process managers, legal and compliance specialists – it is easier to choose a DLP tool that best suits the need. These tools are essentially automated controls protecting data at rest, data in transit and data in use.

  1. Integrate with Mobile Device Management

Mobile Device Management (MDM), a content- aware solution, simply lets the administrator define roles and authorizations for users. This way only selected users have access to all the information and DLP can be better managed. MDM also offers jailbreaking/ rooting detection feature. Until the device is deemed safe, the mobile device will not be able to access anything on the company’s server. MDM can also block specified applications.

  1. Encryption of Data

Encryption should be a rule of thumb for any wireless mobile communication – be it cloud-based or over virtual private network. To access the encrypted data, an encryption key is required. An unauthorized interceptor can therefore not access data without this key.

  1. Authenticate Identity of the User

Multiple forms of authentication, a.k.a. biometrics, should be used for mobile devices. These include fingerprint, facial, retina and voice recognition. Biometrics is a way of making sure that the user is who he or she claims to be, thus eliminating chances of unauthorized access and preventing data loss.

  1. Test for Vulnerability of Mobile Data Periodically

Penetration testing on mobile devices must be undertaken on a regular basis. Accordingly, organizations must come up with mitigation plans in case of a breach.

  1. Train Staff Regularly

Conduct periodic training on mobile DLP to educate corporate mobile users about access policies and usage behavior.

  1. Deploy Endpoint Security

Implementing endpoint security just as in other non-mobile environments. With endpoint protection, unauthorized users or devices that do not comply with the security program cannot access, copy, share or store confidential information either accidentally or on purpose.

  1. Implement COPE – Company Owned Personally Enabled Mobile Devices

Depending on the nature of business, organizations should implement COPE – antidote to vulnerabilities arising from BYOD. COPE enables the IT department to maintain control on devices connected to enterprise networks while offering work flexibility to employees. Also in case the device is stolen or lost, the organization will have the ability to wipe out the entire data remotely. Further, COPE allows IT to control the installation of third party software and prevent any malicious software from being installed on mobile devices.

  1. Monitor Outflow and Inflow of Mobile Data

Install mobile DLP solution that successfully monitors the data that the mobile device accesses or downloads from the organization’s server. Personal and business emails can easily be bifurcated and chances of sensitive information being leaked from mobile devices are drastically reduced.

  1. Destroy Obsolete Hardware

Make sure that unused or discarded mobile devices are wiped clean of any sensitive data. Have strict well defined policies in place for proper disposal of mobile devices. Installing customized firewalls will give limited access to organization’s data to mobile users and prevent sensitive data loss.

How Zecurion Can Help

Zecurion offers Mobile DLP which is a full data prevention solution that offers content analysis for Android devices and contains all the necessary functionality for data protection. It provides complete monitoring of corporate information on employees’ mobile devices, preventing data leaks at various stages of information processing, storage, and transfer.

Zecurion Mobile DLP can help ensure data traveling between mobile devices is not compromised and provides monitoring of connecting mobile devices to computers and other devices. Zecurion Mobile DLP finds copies of confidential documents on users’ mobile devices and blocks their transfer via unsecured open networks. All traffic is channeled through a protected corporate network. In the event of theft or loss, the device can be blocked by a security officer. The solution also stores shadow copies of SMS and MMS, as well as monitors the running of applications. Its key features include file scan, application control, monitoring, SMS/ MMS logging, allow / disable certain Wi-Fi networks, remote blocking /cleaning of the device and logging of geo location.

Insider Threat is a Growing Problem in Government: Are We Overlooking?

Cybersecurity has become a top priority for government, yet research shows that “Government” is one of the most vulnerable sectors when it comes to insider threats. Often action comes quite late and signs remain unreported for years either due to unwillingness or inability of colleagues to accept any such possibility.

A 2015 survey by Symantec revealed that If IT administrators in government organizations do not terminate network access quickly enough, the results could be disastrous. The survey reported that nearly 45% of federal departments were targeted by insider threats over the year, with 29% losing data as a result.

Over the years, even though data loss prevention has become a more sophisticated technology, aimed at preventing data breaches, insider threat has continued to evolve into a more complex problem. This is because technology adoption in government is not just slow and tedious, but also requires considerable amount of training for successful enforcement.

There are 4 key challenges that government organizations need to address for better management of their data security strategies.

1.Infrastructure is Under-Equipped

The budget allotted to government IT departments has always been frugal in comparison to other sectors. The IT systems that are operational are thus neither modern nor updated. Budget constraints often result in usage of old, obsolete hardware and software that are not equipped to handle the more complicated data breaches.

2.Technology Purchase is a Slow Process

Process of purchasing technology is often slow and lengthy. Various factors such as RFP, bidding, political environment, preferred vendor etc. influence the purchase decision and by the time the purchase gets approved, the ordered technology itself becomes out dated.

3.Stealth IT is Creeping in

Easy availability of cloud offerings and bring-your-own-device (BYOD) have resulted in shadow/ stealth IT coming into practice. Employees often resolve to solutions that they think would be the best, resulting in sporadic practices where data might not be properly managed or protected. This results in exposure to unauthorized people.

4.Compliance is Becoming Complex

Government organizations need to meet major compliance regulations such as FISMA, NIST 800-53, FIPs (up to level 3) and Common Criteria. Depending on the sector they operate in, compliance with HIPAA-HITECH and PCI DSS is also required. Regular training and education is essential for organizations to meet these complex compliance requirements.

Keeping in mind the above stated challenges, Zecurion has identified some best practices to minimize the risk of internal threats. These are:

1.Early Detection through Proactive Monitoring

Having efficient algorithms and rules for the network helps detect early if personally identifiable information (PII) is being accessed without proper authorization. Many automated tools are available today that can discover any such breach at the initial stage itself. And early detection can thwart data loss incidents.

2.Comply with FedRAMP for Secure Cloud Adoptio

Old, redundant legacy systems being used are primitive. And IT budgets are limited. Therefore implementing cloud solutions that have enhanced security features will be both cost effective and agile. Government organizations that adopt cloud need to comply with FedRAMP.

3.Encryption is a Must-Have

Government organizations are mandated to have encryption. Solutions that encrypt information on hard drives, disk arrays and SAN storage through sophisticated cryptographic techniques, protect sensitive information whenever physical control of the media is impossible.

4.Multilayer Security Authentication

Multilayer security authentication is a must. Options for finger print, retina test or scanning of a smart card should be added to regular password options to establish identity of the actual user. User role needs to be identified comprehensively, and accordingly the extent of authorization should be granted.

5.Update Security Patches Frequently

Antivirus and firewalls should not be outdated or obsolete. The software should be current and running 24/7 365 days without failure. Still just deploying antivirus is not enough. Securing the endpoints is equally important to prevent data loss.

6.Set Up Dedicated Risk Assessment Team

The executive team should have a formal dedicated risk assessment team to look into various techniques, procedures, and access points from where the PII leaves the system. The team may pose as insider threat actors and hackers, play bad cop and come up with customized solutions and risk mitigation plans to protect against breaches.

7.Implement Incident Response Plan

Drawing up an efficient incident response plan helps in mitigating and containing the aftermath. This is very important for the reputation of the organization. When reputation is at stake, having a robust plan that streamlines what needs to be done, when and how, saves time, money and credibility.