Things To Know Online

December 31st, 2012

Posted on December 31st, 2012, 0:19

The 2011 Cost of a Data Breach Reports, a study by the Ponemon Institute have brought to light some important facts regarding data breaches. As per this report, malicious attacks are the most expensive causes of data breaches as it comes to around $222 per record. Moreover, the study also found out that of all the data breaches reported in 2011, 39% were due to negligent employees. This definitely shows that with hackers using the Internet to put their malicious plans into action and with negligent employees being the leading cause of data leakage, there is the need of effective measures to counter it.

The advent of the Internet technology has helped companies and organizations to carry out their business activities at a lightning pace. Though the Internet has been beneficial to businesses on many counts, it has been largely responsible for making companies and organizations vulnerable to both internal and external attacks. However, with Internet becoming an integral part of modern life, the only possible solution to prevent data leakage and data theft is to implement effective data protection measures.

Besides Internet, the influx of new technologies in the business arena such as social media, mobile and cloud technologies have thrown open new ways to leak data. With mobiles being the new web access device, any kind of vulnerabilities, design flaws, or protocol failures in any component of mobile applications, mobile devices and mobile infra components would adversely affect security. So is the case with cloud computing. Though it is cost effective and hassle free, cloud computing eventually means moving the corporate data beyond the four walls of the organization to an internet based environment. Hence, ensuring mobile security and  cloud security is highly important to protect sensitive data from falling into wrong hands.

Unlike European Union’ Data Protection Directive and UK’ Data Protection Act, United States do not have a single data protection law. In such a scenario, companies and organizations have to implement self-regulation in order to deal with the issues of data leakage and data theft. Enterprises need to deploy a  risk management frameworks  comprising of measures such as data classification, data flow analysis, and use of tools like data loss prevention (DLP), information rights management (IRM) so on and so forth. Several service providers are there who can help companies and organizations in deploying comprehensive data protection framework across their information lifecycle. Such a move would help enterprises not only in ensuring compliance with various regulations but also in safeguarding company reputation.

Read more on - application security, Information Risk Management

By Josephmax, in: General