It’s a dangerous world out there
Updated: Sep 11, 2019
Just like the pirates of old who raided and plundered other ships and settlements for gold and other bounty, data attracts unscrupulous individuals. The colloquialisms, “data is the new oil” and “data is the new gold”, suggest that businesses stand to gain (or lose) a lot from their data. While this is true, it also means we should be very concerned about “data pirates” who lie in wait to steal this “new gold”.
We’ve already seen security breaches at very large companies like Quora, Facebook and Google plus. As data gets more valuable, the threat to it increases drastically - from both external and internal sources.
While protecting your data from external threats, it is very important to plan for internal threats also. There needs to be transparent authorisation and authentication methods for accessing sensitive information within the company. Some useful steps to take include:
1. Avoid shared access. When using software that requires licensing, companies might acquire a single licence and share that with everyone in the company to save costs. This means everyone is able to see the same information and has the same elevated privileges. Even former employees with the right credentials will be able to access this data.
2. Operate on a need to know basis. Privileged access to information and systems should be based on one’s role. Some roles may require read access only while others may require write access to only a limited extent. This needs to be planned carefully and enforced system-wise to ensure no one is able to conduct a data operation they are not authorised to perform.
3. Invest in Education and Training. No matter how secure your computer systems are, an uniformed and careless employee can bring the system to its knees. Employees need to be educated on best practices to ensure they do not inadvertently open up the system to threats.
4. Tighten up Rules and Procedures. You need to make it difficult for an employee to leak information, maliciously or otherwise. In too many companies today, an employee can still download data onto a flash drive and walk out of the building.
Please do all you can to protect yourself and your data from malicious threats. Remember, it’s a dangerous world out there.