Blog

Tag: pulaski county special school district

Stop Data Breaches by Authorized UsersWith news of data breaches every other day, many companies are now turning their attention to where sensitive files reside, who has access to the sensitive information, how this information is being used and securing it.

The cyber criminals’ techniques for breaking through perimeter defenses are always getting more sophisticated. Everyone realizes that network security alone is no longer a sufficient solution as the perimeter that once held sensitive information safe has been eroded.  Now everyone must adapt to a perimeter-less world.

Today a large number of internal and external users enter company systems and access data daily – vendors, suppliers, partners, customers and employees. This makes it an extremely complicated task to secure sensitive files with the volume of users, applications and various levels of data access. With all of the implemented technology stack, it is daunting – if not near impossible – to secure all the various points of exposure. It only takes one weak point to be compromised and to suffer significant damages.

Whether intentional or in error, authorized users cause a large portion of data breaches and the criminals and hackers are onto this. More and more breaches are due to authorized users doing something they weren’t supposed to do.

This week there was news on Mount Olympus Mortgage Company – $25 million awarded in a lawsuit around corporate espionage. Authorized users of the mortgage company had stolen loan files, borrower information and other confidential information diverting it all to their current employer.

Last January, former GlaxoSmithKline scientists were indicted for stealing trade secrets to seed a startup company where they worked with external parties to profit from the breached information.

On September 2015, a former Morgan Stanley financial advisor pleaded guilty to taking hundreds of thousands of confidential records. The adviser was in discussions with other competitors of Morgan Stanley about a job as the breaches took place.

Last month, news broke out about a data breach within Pulaski County Special School District. An employee was responsible for compromising thousands of current and former employee’s personal information. This individual was emailing health insurance and benefits reports to her supervisor, and blind-copying the information to her personal email address including social security numbers, names, health insurance costs and individuals that did not have insurance.

Companies need to adapt and secure their sensitive data. Perimeter based security is no longer sufficient. The good news is implementing a data-centric security approach for persistent protection is available and easy to deploy.

Pulaski County Special School District Data BreachThis week news broke about a data breach within the Pulaski County Special School District. The breach resulted in more than 3,000 employee’s personal information being compromised. It is reported that a PCSSD employee was responsible for the compromise of thousands of current and former employees’ personal information and she has resigned from her position as of February 2016. Notices to the individuals impacted by this insider data breach were sent out last week.

The former employee was emailing health insurance and benefits reports to her supervisor, and blind-copying the information to her personal email address. Names, social security numbers, addresses and the cost of the health insurance to the employee were some of the information included in the breached data. The culprit was also identifying who did not have insurance along with their social security numbers. The IT Director at PCSSD commented that this behavior had been going on well over a year before it was discovered .

It is striking that organizations still struggle to discover breaches, how long it takes them to realize that a breach has happened and to properly react to fix the issue. It is even more striking that with all the training and the investments made in technology that this is still a major problem.

The solution to this type of problem is to add data-centric security to the traditional perimeter security deployed in most environments. This additional layer of security includes techniques that protect data as it travels through both the organizational perimeter and beyond, by limiting access to sensitive data according to policies that cover both users and activities.  It can also determine where sensitive data exists within an organization, monitoring the data, and analyzing the ways in which users access, copy, and move it over time. This is done by incorporating identity management systems to correlate specific users with activity on sensitive data.

By using these techniques, PCSSD would have not only prevented the unauthorized activity when the employee sent copies to her personal email address, but would have detected the suspicious behavior to take immediate action.

In the past, it was sufficient to protect an organization’s IT perimeter with tools such as firewalls, VPNs, intrusion detection, end-point security, and data loss prevention (DLP). These techniques no longer are effective by themselves against today’s threats such as APTs, other sophisticated attacks or insider threats – clearly evidenced by breaches making the headlines on a regular basis. Such was the case with the PCSSD breach.

Categories
Book a meeting