Without a doubt, 2014 is well on its way to replace 2013 as the highest year on record for exposed records. In the first quarter of 2014 alone a record 43% of American companies reported experiencing hacks according to a study released by the Ponemon Institute. According to the 2014 Identity Theft Resource Center Breach Report, in all the following categories combined (banking/credit/financial, business, educational, government/military and medical/healthcare) as of November 3, 2014 a total of 644 breaches have occurred with an estimated total of 78 million records being exposed. The highest industry of breaches has occurred in medical/healthcare with 42.4% (273 out of 644) of the total breaches, and the highest industry of records exposed is business at 82.6% (about 65 million records out of 78 million).
There is too much feeling of false security in accordance to policies and trainings or just a simple password to protect data. Before data breaches became the norm, about 16 years or so ago those still not used to a data breach has given some people the sense of complacency in thinking that their organization will not be next. However, it is evident that organizations of all sizes and industries have made the headlines for the wrong reasons, which we in the information security industry read way too much about.
Here is a question for you, what if you knew that hackers were going to breach your systems, and they were going to steal your files containing sensitive information, what would you do differently? A lot of organizations are starting to look at security differently. According to what we read in the news, businesses are assuming that their data will be exposed, or is already exposed. What steps should they be taking in this case? It’s all about encrypting the data on employee desktops, in file servers and even in email.
It has always been said to secure data, not devices or networks. This is true, by securing sensitive data as it flows down to end-user devices or wherever it goes, this ensures organization that even if the device is lost or stolen or a hacker steals these files or even if an insider threat becomes successful, the sensitive data is not compromised. Information rights management or digital rights management (DRM) prevents the exposure of sensitive and confidential files and provides persistent file-based security for any business environment. Whether the data is on your PC or in file servers or even in email, Fasoo Enterprise DRM can ensure that your sensitive data remains secure.
Don’t overlook these solutions, as now the government is issuing fines and penalties, most recently two telecommunication companies received a $10 million fine for neglecting to protect over 300,000 customers personally identifiable information (PII).
Photo Credit by: new3dom3000