December 1, 2015
Too many employees have unnecessary access to high-level data; that is the conclusion drawn by Charles S. Clark in Two-Thirds of Federal IT Managers Fear a Security Breach from Colleagues. (It seems we should have learned this from the Edward Snowden leaks, but apparently not.)
According to sources quoted by Clark: “As many as 63 percent of respondents said they view other employees as the greatest security risk, while fully 92 percent said general employees have access to more information than is necessary.”
Once an employee is granted security access at any level, it is uncommon to monitor what they do with it. Few realize the enormous vulnerability of big data, and the more databases are integrated, the larger that risk grows. Nowhere is that more apparent than in health care.
Health-Care Sector at Greatest Risk
According to the Wombat Security Breach Report: Healthcare Edition (November 2015), the health-care sector reported the largest number of security breaches at 37 percent, triple the number reported by the retail sector.
Health-care breaches are also more expensive, with an average per-record cost of $363, versus an average per-record cost of $154 across all other industries globally, or less than half.
Points of vulnerability include local hospitals, doctor’s offices and medical centers, insurance companies, and health-care clearinghouses. Health-care breaches tend to be very large and can result in identity theft.
Of 105 incidents from June to October 2015, the causes in order of frequency are:
- Unauthorized disclosure or access (42 breaches)
- Theft (38 breaches)
- Hacking and IT incidents (16 breaches)
- Data loss (8 breaches)
- Improper disposal (1 breach)
Human error resulted in 1.5 million patient records — including police reports, Social Security numbers, medical service records, and drug test results — being publicly posted on Amazon Web Services.
It is not a matter of if — but when — any business has a data breach. It is imperative that companies have both a plan for prevention and policies in place for immediately responding to any data breach.
How to Prevent Data Breaches
The first step is better staff training: more than 90 percent of data breaches in the first half of 2014 were preventable. Security personnel should limit access to data to only those who need it and remove that access immediately when duties change.
All employees need better training on e-mail, social media, and mobile device usage when it comes to protection from phishing and other hacks. Every employee must know not to click on links in e-mails or download apps onto their company computer running on the internal LAN. Controlling what apps employees download onto smartphones that contain company data is another challenge.
Does your company have a process that all employees and vendors can reach immediately if their laptop or mobile device is stolen? All training required of employees should also be required of consultants and vendors.
If you walked down the halls and asked each employee to whom they would report security breaches and how they would reach them, would they know? Do you annually survey your employees to ensure they are familiar with security practices?
Do they know not to talk directly to the media and to whom they should refer any media inquiries? Read the link immediately above for 12 specific methods for making employee devices safer.
Use a CDN as a First Line of IT Defense
Regardless of the size of your company or IT staff, putting a Content Delivery Network (CDN) between your online servers and hackers can prevent many issues. Some CDNs have a strong focus on security, watching for and recognizing threats immediately.
Although CDNs have been around for years, most people are still unclear about their benefits or even what they are. Imperva Incapsula has produced a comprehensive CDN Guide to explain what a CDN is, the architecture, and how CDN caching works.
CDNs provide benefits beyond prevention of data loss. They can also ensure a DDoS attack does not make your site unavailable and decrease page load times, which can lead to more search engine traffic. A CDN is one of those rare services that has a strong upside immediately rather than only being seen as a preventive expense in case of attack.
All types of sites, and especially WordPress blogs (partly because of plugins), are being continually hacked. All businesses should have a blog, and it should be protected by:
- Keeping WordPress, the theme used, and all plugins continually updated
- A hidden login page or additional pop-up to guard the login page
- Only permitting strong passwords
- Wordfence plugin to block fake Google crawlers and comment spam bots
Few realize that so many hackers are running password crackers and crawling blog posts with bots that they can impact the entire server a blog is on. The traffic to most sites today – and especially WordPress blogs – is 56 percent to 90-plus percent bots.
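Both kinds of bot traffic mentioned above, password guessing against the login page and crawlers falsely claiming to be Google, can be spotted in a web server access log. The following is an added example, not code from the original article or from the Wordfence plugin: it counts POSTs to wp-login.php per client and checks clients whose user agent claims Googlebot using forward-confirmed reverse DNS. The log lines, the threshold of 3, and the `PTR`/`FWD` lookup tables are constructed for illustration; in practice the two lookups would be real DNS queries.

```python
import re
from collections import Counter

# Constructed sample in "combined" log format; IPs are documentation ranges.
GB = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE_LOG = "\n".join([
    '203.0.113.7 - - [01/Dec/2015:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Dec/2015:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Dec/2015:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Dec/2015:10:01:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    f'198.51.100.23 - - [01/Dec/2015:10:02:00 +0000] "GET /blog/ HTTP/1.1" 200 900 "-" "{GB}"',
    f'198.51.100.99 - - [01/Dec/2015:10:02:05 +0000] "GET /blog/ HTTP/1.1" 200 900 "-" "{GB}"',
    f'192.0.2.66 - - [01/Dec/2015:10:03:00 +0000] "GET /blog/ HTTP/1.1" 200 900 "-" "{GB}"',
])
# Constructed stand-ins for DNS: PTR (IP -> host) and A (host -> IPs) answers.
PTR = {"198.51.100.23": "crawl.example.net",
       "198.51.100.99": "crawl-9.googlebot.com",   # PTR set by the client's owner
       "192.0.2.66": "crawl-192-0-2-66.googlebot.com"}
FWD = {"crawl-9.googlebot.com": ["192.0.2.1"],
       "crawl-192-0-2-66.googlebot.com": ["192.0.2.66"]}

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)'
                     r'[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')

def is_verified_googlebot(ip, ptr_lookup, fwd_lookup):
    """Forward-confirmed reverse DNS: the PTR name must sit under googlebot.com
    or google.com AND that name must resolve back to the same IP."""
    host = (ptr_lookup(ip) or "").rstrip(".").lower()
    if not host.endswith((".googlebot.com", ".google.com")):
        return False
    return ip in fwd_lookup(host)

def analyze(log_text, ptr_lookup, fwd_lookup, login_threshold=3):
    """Return ({ip: login POST count >= threshold}, {ips with unverified Googlebot UA})."""
    login_posts, fake_crawlers = Counter(), set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in combined format
        ip = m["ip"]
        if m["method"] == "POST" and m["path"].split("?")[0] == "/wp-login.php":
            login_posts[ip] += 1
        if "googlebot" in m["ua"].lower() and not is_verified_googlebot(
                ip, ptr_lookup, fwd_lookup):
            fake_crawlers.add(ip)
    return {ip: n for ip, n in login_posts.items() if n >= login_threshold}, fake_crawlers

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG, PTR.get, lambda h: FWD.get(h, [])))
```

The client at 198.51.100.99 shows why the forward lookup matters: its reverse record names googlebot.com, but that name does not resolve back to the same address, so it is still flagged.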
Act Immediately to Control a Breach
Response speed is critical because attackers are moving more quickly, exploiting zero-day security vulnerabilities before most businesses are even aware they’ve been published.
Highly targeted spear-phishing attacks are on the increase, as are Trojanized software updates, making it easier to target specific industries and companies. Read the link immediately above to learn more about sophisticated methods being used, smartphones, wearable health apps, and how the Internet of Things (IoT) increases security complexity.