How to Prevent Absent-Minded Data Breaches
August 16, 2016
It seems like every few months, another large, prominent organization has to announce a data breach to its customers. In 2014, hackers exposed 100 TB of data from Sony, including everything from email passwords to unpublished movie scripts. Also in 2014, the Home Depot was breached, exposing information for 55 million credit cards, and 145 million eBay customer records were exposed, including names, physical addresses, dates of birth, and more.
Your business might not even have 100 customers, but there’s still information you want to keep safe. When confidential information is exposed, you lose clients, customers, and your competitive advantage (and put your business at risk for legal action). Even if you’ve got a good firewall in place and have taken the necessary steps to protect against hackers, sensitive data can still be exposed. And it can make its way out in the most easily preventable way imaginable: sending information to the wrong people.
Sure, a message about lunch plans sent to the wrong George in finance might be harmless. But graver mistakes happen all the time. Look no further than the US presidential election, where an aide for Donald Trump emailed the campaign’s strategy against Hillary Clinton to the wrong guy with the last name Caputo—instead of a campaign adviser, it went to a reporter for a preeminent political publication. Ouch.
Keeping business and leisure separate
Email flubs are just one example of how easy it is to accidentally expose confidential data. Bring-your-own-device (BYOD) enhances productivity, but also increases the opportunities to compromise security. Think about your average user, who looks at email on his or her smartphone. Those emails include attachments that they may want to save for later for quick, offline access.
Documents, photos, screenshots—those all get saved in the same place as a user’s vacation photos. Then there’s no guarantee that this information isn’t going somewhere it’s not supposed to.
Information only in front of the right people
The goal is to ensure that the right information is only in front of the right eyes, no matter:
- What device it’s accessed from
- What device it’s sent from
- What device it’s sent to
- What application accesses it
- Whether it’s accessed online or offline
So what’s an organization to do? The answer is to set up rights management with policy-based permissions rules. Solutions like Google Docs and Dropbox have this at a very basic level, where you have to give users permission to access a link, but once a document is saved to a device or its contents are copied and pasted elsewhere, all bets are off.
Microsoft Office 365 comes with a more comprehensive solution in Microsoft Azure Rights Management Services (RMS). It protects documents as they move across SharePoint, Exchange, and OneDrive, and maintains permissions while saved online and offline.
With features including one that won’t let you send a sensitive file to someone who’s not authorized to receive it, RMS is something the Trump campaign wishes it had.