With the surge in popularity of digitizing all forms of data, which are often stored within a public or private cloud hosting provider, there has never been a more urgent requirement to ensure that data integrity and data privacy is upheld. In this blog we will discuss the privacy, security and vulnerability of data and offer suggestions of how you can protect your critical workloads.
Data is fast becoming a valuable commodity in the information technology era, but data collected on individuals and organizations can often fall under stringent global data privacy rules such as GDPR. Data privacy regulations are extensive and are commonly applied to a global audience of organizations who handle or process confidential or personally identifiable information.
Such regulations place a tremendous demand upon anyone handling sensitive data to ensure data integrity, and above all else, ensure that the data is always secured and that only authorized personnel have access to the data in a secured and controlled manner.
Information that is stored with a public domain like the internet can be vulnerable if the data has not been secured or protected adequately. For example, if you upload data to an Amazon S3 Storage Bucket but you then fail to apply the correct security polices, there is a significant chance of that data being available to anyone with an internet connection.
One reason why these considerations are important stems from the penalties, fines and restrictions imposed upon those who have failed to manage and secure privileged information because of privacy regulations. Considering the constant reports of cyber-attacks and data breaches in the news, many organizations have paid the price for failing to protect data; these penalties often have severe and lasting effects upon these organizations.
How likely is unauthorized access to online data?
High profile data breaches are front page news events if the impact is significant enough, and not all breaches are the result of hacking groups targeting specific companies. One of the most frequently reported causes is server misconfiguration, where data has been accidentally exposed to the public. Misconfiguration is usually the result of human error rather than a malicious attempt to compromise data.
In 2019 alone, there are numerous examples to evidence already. On January 19th, it was reported that BlackRock, a multi-trillion-dollar asset management company accidently published 20,000 records of company employeesâ€™ names, emails, and the business assets they were in control of. The impact of this breach was significant, as employee personal information was leaked as well as what controlled assets the business had invested in, potentially exposing confidential business intelligence.
On January 16th, almost 1 billion unique email address and password combinations were uploaded to a hacking community website. The breach, known as â€œThe Collection 1,â€ is likely to be several data breaches consolidated into one hacking community release. But, with such a large-scale data infraction, there is a very good chance that you have been directly affected by this breach. To check, you can look at this site here.
The victims can be literally anyone: individuals, small, medium and large organizations or worldwide multinationals. Many popular household names have been involved in some of the largest data breaches including Yahoo, Marriott Hotels, MySpace, Under Armour, Ebay, Target, LinkedIn and the PlayStation Network.
One significant research body, the Breach Level Index (Gemalto) states that, at the time of writing this post, more than 14.7 billion data records had been lost or stolen since 2013, and only 4% of them were classified as â€œsecure breach,â€ whereas the data stolen was encrypted or hashed and rendered useless – a truly staggering figure which emphasizes the importance of securing your data.
Typically, the initial response to the data breach comes from those directly affected, whether they be customers, employees and often shareholders, and the way the company reacts and responds to the incident often defines the impact the data breach will have.
The type of data stolen is also important, as it may be inconsequential information, but it could be personally identifiable information. You may not be too concerned if your retail store membership number is compromised; however, if your address and passport number are at risk, then itâ€™s highly likely to concern you.
To uphold customer trust, businesses must work with those affected and offer help and support to mitigate any further fallout from the breach. Customers may choose to boycott the brand in protest, which often has an immediate financial impact on the organizations. Typically, the affected organization learns fast and introduces sweeping reforms which are designed to protect personal data.
However, reactionary responses to data breaches are not a good business practice. Organizations with a digital infrastructure footprint should be proactive in securing data and already should have implemented tried-and-tested authentication services.
Using multi-factor authentication to reduce risk of unauthorized data access
One of the most popular ways of securing data is using a multi-factor authentication service to add additional layers of protection to your infrastructure and data services. Multi-factor authentication services (or MFA) have become the standard authentication model which require that any given user must prove their identity to access the systems, and although you may not realize it, it is quite likely that you already use some of these methods in your day-to-day life.
MFA a protocol that requires you to provide something only you know (usually a password) with a security item you have (mobile phone) and something you have unique to you (such as a secure key, fingerprint or retina scan) in order to gain access. In extremely secure environments, there may be even more security layers that a user is required to pass in order to gain access.
MFA is favored by Managed Service Providers (MSP) as it offers significant protection to organizationsâ€™ files and applications. Besides verifying the identity of each user, the systems can diagnose the health of each MFA device. By establishing the presence of vital security controls and checking for out-of-date software, MFA can easily block high-risk or infected machines and devices.
Two-factor authentication (2FA) may be sufficient for many businesses if MFA is too intrusive to the user experience or too expensive to implement. Â 2FA is a security practice which entails of something only you know (usually a password) with a security item you have. This item is may be a physical device given to you by an organization or 3rd party, such as a mobile phone, a PKI security card or even an RSA Secure Token. These secured items often display a changeable code or PIN. The user must enter their username and password, as well as the PIN code to access or login.
In addition to implementing 2FA or MFA, it is important to ensure that the basics of security are also followed, such as enforcing regularly changing passwords and not using dictionary words in a password string. A security group policy should be enforced, making users and computers, such as dedicated servers, hardened to exposure. System administrators can close holes in the operating system with regular updates and security patching, making data even more secure.