Tuesday, March 31, 2009

Economic Downturn Causing Data Theft Deluge - How to Manage the Threat

Source: http://www.contingencytoday.com/online_article/Data-loss-deluge-during-downturn-/1814

A leading provider of IT security systems is warning organisations to prepare themselves for a data loss deluge during the economic downturn. Citing an increase in transient staff, higher staff turnover and a growing black market hungry for information, Overtis Systems is urging UK organisations to update their data access procedures to counter these threats with a Ten Point Plan.

Several drivers are responsible for the increase in data leakage over the past year. There has been a surge in the use of casual staff, with companies using more contractors and outsourcing core operations. This in turn has led to greater fluidity of data and a heightened risk of security compromise. Meanwhile, temporary and permanent members of staff, uncertain of the future, are purloining data to further their own careers. Others, concerned about their own finances, are selling sensitive information to a burgeoning black market. And an increase in redundancies is also causing problems, with dismissed members of staff more likely to steal data either for their own ends or to cause their former employer operational problems.

Overtis recommends organisations adopt the following Ten Point Plan to prevent data leakage:

1. Implement a strong employee joining and exit process – email and network access needs to be revoked quickly and mobile devices recovered when an employee leaves. New members of staff need only be given access to the resources they need to perform their role.

2. Educate staff – ensure data is only accessible to staff on a need-to-know basis or push data to relevant individuals.

3. Avoid remedial action – Don't seek to address a security breach with a point security product but take a systematic approach to the whole enterprise. Controls need to be in place between the user and the data, not on the network or gateway.

4. Identify assets and information flows – Address potential pain points by mapping all of the intellectual property you have and modes of access.

5. Restrict the manipulation of data – Plan who needs access and whether they have the authorisation to print, change or export data over email, IM or to removable devices. It's also now possible to apply restrictions to specific content within a document or by time and location.

6. Watch the gatekeepers – System administrators and privileged users should be subject to the same change management and critical server file integrity checks.

7. Don't overlook the obvious – Do put in place procedures to prevent the export of data to USB sticks, MP3 players etc. Do scan outgoing email for confidential attachments. Do restrict copy and paste over Instant Messenger and other social networking media.

8. Use encryption – Where you do permit data export to mobile devices and removable media, ensure it is encrypted.

9. Use two-factor authentication – Don't rely on passwords; they are often written down and are relatively simple to crack. Always combine a password with a secondary method of authentication. Sophisticated systems such as finger vein readers are simple and cannot be easily subverted.

10. Combine your security arsenal – While many organisations have biometric access systems, CCTV and even RFID, few have taken the logical step of joining these together with the IT security system. Integrating the physical with the virtual can provide the requisite evidence of a data breach, for example marrying a screenshot of a file being exported with CCTV footage of the perpetrator. Evidence can also be used to enhance staff productivity, by illuminating how data is used.