In my recent article for IP Watchdog, Taking a Data-Centric Approach to Today’s Security Landscape, I highlighted the importance of organizations taking a data-centric approach to security to safeguard against today’s sophisticated, and even amateur, cybercriminals. IP Watchdog particularly focuses on the security of all things IP (intellectual property) which brings us to another sector of high valued information—IP mappings.
IP mappings can be critical to the security of an organization’s database because of its link to client accounts and the location of those accounts within the database. Malicious attacks scanning the system for information on client accounts, such as financial data or trade secrets, would need to spend time and effort to locate the data. If hackers were able to expose the organization’s IP mappings, it would enable them to easily navigate the system and access the information before the organization knew it was under attack.
The recent Ponemon study, Risky Business: How Company Insiders Put High Value Information at Risk, found that almost three quarters of the IT security practitioners surveyed said their organization lost confidential information in the past year. I expect the standard approach to addressing this problem is to employ stronger perimeter security methods to ensure that only authorized users could access databases and the sensitive, high-value information inside.
But what about protecting it from internal users who decide to expose this information for their own gains? The only real way to protect IP mappings is by using encryption. Encryption protects all sensitive documents and files wherever they are accessed, inside or outside of the system.
While encryption is an important factor in protecting the integrity of IP mappings and where they lead, organizations should still implement employee training and a data-security framework to further boost the security of their high valued information.
Proactive thinking will keep organizations ahead of cybercriminals looking to do damage to their company, reputation, and customers. One form of security software is not enough.
Photo credit Blogtrepreneur