One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1436541 |
| Date de publication | 2019-10-31 13:00:00 (vue: 2019-10-31 14:07:08) |
| Titre | Data breach: how to prevent it |
| Texte | We are living in the era of the digital economy where companies are collecting and storing lots of valuable customer data on a daily basis. As it has turned out, data is an important input in the competitiveness, growth, and revenue generation for any company across industries. But every valuable resource has its vulnerabilities, and data is not left out in this unfortunate fact. A notable vulnerability of sensitive data that has left many IT departments scratching their heads is data breaching. What does “Data Breach” mean? When unauthorized people gain access to confidential data, either by stealing it from a company database or through leakage from an insider, that action is known as a data breach. How is data stolen? Well, hackers have mastered the art of infiltrating data security systems for both small and big businesses and copying sensitive data, often without being noticed or traced. In other cases, staff members maliciously or accidentally leak important information to data spies. Think of a case where a staff member leaves their unlocked computer or an unencrypted external hard drive at home or at a public place, and then a malicious person copies data from the device. That is an accidental data breach. The device can also be stolen. Common data breach methods As sophisticated as data thieves try to be, they aren’t too creative with their methods. Experienced data security experts are sometimes able to track them down by establishing the vulnerable areas through which they entered into the system. In most cases, malicious actors take advantage of failed software updates and reckless end-user practices to phish data. Here are more possible data breach methods: 1. Fabricated or stolen credentials If your company uses weak credentials to establish the identity of staff members, hackers can easily fabricate those credentials and enter your database unsuspected. Think of a case where a user’s username is his email and his initials or date of birth his password; a data thief can easily guess such login credentials. Also, hackers can steal user credentials from their PC. 2. BYOD Bring your own devices (BYOD) has its perks, e.g. increasing employee efficiency, but it is now growing to become a serious workplace data threat. Most of these employee devices aren’t encrypted, and some even have malware-laden apps installed. Any important files and emails in such a device can easily be retrieved by a hacker. This is highly risky for recruitment agencies, especially when they outsource work to employees overseas. 3. Card fraud There have been cases of data thieves gaining access to ATM machines and gas pumps and attaching spying malware that copies credit card data from anyone who swipes his/her card in the machine. And because many people recycle pins and passwords, the malware uses the stolen credit card information to guess usernames and passwords and later use them to access company and private employee emails. How to prevent data breach 1. Invest in strong cybersecurity Recent cases of a data breach show that businesses can no longer rely on firewalls, antivirus software, and intrusion detection software to protect their data from a possible data breaches. It is important to install multi-layered cybersecurity systems that do not only thwart possible infiltration attempts but also identify possible vulnerabilities before hackers do. 2. Remote data backup If your company has remote employees, it is important that you invest in a strong remote data backup system. It is time to get rid of backup tapes as they can easily be lost, stolen, or mishandled before they reach the main office. A good backup system should enable you to backup data a |
| Notes | |
| Envoyé | Oui |
| Condensat | “data buy able access accidental accidentally across action activity actors acts advantage agencies all allows also anonymously antivirus any anyone apps are areas aren’t arguably art atm attaching attempts automatically awareness backup basis bay because become been before behavior being big birth blocked both breach breach” breach: breaches breaching bring browser business businesses but byod can cannot card case cases ceo collecting common companies company competitiveness compliance computer conclusion conditions conferencing confidential copies copy copying creative credentials credit customer cybersecurity daily data database date departments detection device devices digital discussed dlp does down drive easily economy efficiency either email emails employee employees enable encrypted end ensure enter entered era especially establish establishing even every experienced experts external fabricate fabricated facebook fact failed files firewalls following fraud from gain gaining gas generation get given good growing growth guess hacker hackers hard has have heads help here highly his his/her hold home how however identify identity important including increasing industries infiltrating infiltration information initials input insider insiders install installed internet intrusion invest investing its keep know known laden later layered leak leakage leave leaves left living login long longer loss lost lots machine machines main malicious maliciously malware manager many mastered mean member members methods methods: minded minimize mishandled monitoring more most multi network not notable noticed now office officer often online only order other out outsource outsourcing over overseas own password; passwords people perks person phish piece pins place plan possible post practices presence prevent preventing prevention private prone protect protection public pumps radar reach real recent reckless recruitment recycle rely remember remote resource retrieved revenue rid risk risky rules safeguard scratching securely security see send sensitive serious session set should show small snooping software some sometimes sophisticated spies spying staff steal stealing stolen stop storing stream strong such swipes system systems take tapes them then these thief thieves things think those threat threats through thwart time times too traced track train tricks tries try turned ultimate unauthorized under understand unencrypted unfortunate unlocked unsuspected unsuspecting updates use user user’s username usernames uses valuable value video virtual visit vpn vulnerabilities vulnerability vulnerable way weak website well what when where which who will without work workers workplace write your |
| Tags | Data Breach Malware Vulnerability |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.