Corona, and especially Covid19, has changed the world. Work from home is now the new normal. We are all working from home, which makes us more vulnerable to attackers. There are also security measures that protect us from intruders.
How valuable is the data?
Mukesh Ambani, CEO of Reliance Industries Ltd, once said at the Indian Mobile Congress in 2017 that "DATA is the New OIL." The term was more or less first used by Joris Toonders, founder of yonego.com, in his 2014 article on Wired.com. Since then, many prominent world leaders have said that "DATA is OIL." Data is critical because it helps an organization make the right decisions. Data is essential for organizations, governments, and others alike.
Data is the most valuable asset any organization can have because it helps the organization make the right decisions. Data helps us enhance our knowledge. Once we know something, that knowledge helps us make the right decision. It also helps us understand what is happening around us and how that would impact us as human beings.
Difference between Data Theft/Leakage and Data Loss
Currently, many IT professionals confuse Data Theft/Leakage with Data Loss. They are different things and need different IT security strategies to keep the organization secure. What follows is my own understanding of how Data Loss and Data Theft divide. As the saying goes, energy cannot be lost; it is transformed from one medium to another. Data, however, can be destroyed. Once data is damaged, it is Data Loss. Further explanation follows in the details below.
What is Data Theft/Leakage?
Data Theft and Leakage mean unauthorized access to data by an external receiver or by a receiver who is not entitled to it. Data leakage can happen physically or electronically. The data may be transported to the receiver using the web or email. The growing BYOD (Bring Your Own Device) culture has increased the chance of data leakage through mobile devices as well. Other channels of data leakage are optical drives, USB keys, and laptops.
A couple of common data leakage scenarios:
A) Accidentally Leaking of Data
When a user accidentally shares critical information with an unauthorized person, it is called an accidental data breach. For example, an accountant receives an email from the CFO that contains confidential financial information and unintentionally forwards it to someone. Unintended sharing puts data in the hands of a person who is not entitled to that information. These kinds of breaches are considered accidental data leakage. Misplaced electronic devices, shared passwords, and personal passwords used for office accounts fall into the same category. An employee's stolen laptop, mobile, or USB key can also be part of accidental data leakage.
B) Irked or Dissatisfied Employee
The employment contract only creates trust between employee and employer. It does not guarantee that employees won't leak confidential data. Data can be leaked in any form, whether by email, web, USB, or mobile devices. There should be strict physical as well as electronic checks on each employee to prevent data leakage. A time like Covid19, when most employees are working from home, is a test for every organization. It is also a testing time for their data leakage prevention solution.
C) Malware Attack, Malicious E-Communication
Giving full access to the internet (web/email) is productive. But it also opens the door to cybercriminals. Cybercriminals hide their identity to implant malware or a virus on an employee's machine. The malware then transfers data to the attacker's server. This kind of attack is the most common these days. Phishing is another technique that cybercriminals use to attack an organization. They use email and search engines to gain access or to gather the information they need.
Managerial Ways to Prevent Data Theft/Leakage:
1) Roles and Responsibilities:
Make sure that user roles are well defined, and user responsibilities too. Everyone in an organization who accesses data should be responsible for the data they access. User roles should be attached to the data access policy. Make users responsible and accountable for the data they access.
2) Data Audit:
Just as we do a financial audit, there should be a data audit. There is always an audit trail of data. The data trail should include, but not be limited to, the following:
- Data Creation
- Data Modification
- Data Access
- Data Deletion
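A small illustration of how the audit trail and the role-based access policy described above can be reviewed together. This is an added example, not part of the original article; the roles, users, file names, policy table and deletion threshold are all constructed for the illustration.

```python
from collections import Counter

# Hypothetical policy: role -> data class -> actions that role may perform.
POLICY = {
    "accountant": {"finance": {"create", "modify", "access"}},
    "hr": {"personnel": {"create", "modify", "access", "delete"}},
    "sysadmin": {"backups": {"access", "delete"}},
}

# Constructed audit trail: (timestamp, user, role, action, data class, object).
AUDIT_TRAIL = [
    ("2020-05-04T09:12", "asha", "accountant", "access", "finance", "q1-ledger.xlsx"),
    ("2020-05-04T09:40", "asha", "accountant", "modify", "finance", "q1-ledger.xlsx"),
    ("2020-05-04T10:05", "ravi", "hr", "access", "finance", "q1-ledger.xlsx"),
    ("2020-05-04T11:30", "asha", "accountant", "delete", "finance", "q1-ledger.xlsx"),
    ("2020-05-04T23:01", "dev", "sysadmin", "delete", "backups", "mon.bak"),
    ("2020-05-04T23:02", "dev", "sysadmin", "delete", "backups", "tue.bak"),
    ("2020-05-04T23:03", "dev", "sysadmin", "delete", "backups", "wed.bak"),
]


def review(trail, policy, delete_threshold=3):
    """Return (policy violations, users with bulk deletions)."""
    violations, deletes = [], Counter()
    for ts, user, role, action, data_class, obj in trail:
        allowed = policy.get(role, {}).get(data_class, set())
        if action not in allowed:
            # The role is not entitled to this action on this data class.
            violations.append((ts, user, action, obj))
        if action == "delete":
            # Count deletions even when permitted: volume is the signal.
            deletes[user] += 1
    bulk = sorted(u for u, n in deletes.items() if n >= delete_threshold)
    return violations, bulk


if __name__ == "__main__":
    violations, bulk = review(AUDIT_TRAIL, POLICY)
    for v in violations:
        print("VIOLATION", *v)
    print("BULK DELETE", bulk)
```

The first list covers leakage (access outside the role's entitlement); the second covers the intentional-deletion case, where every single action may be permitted and only the volume stands out.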
Technological Ways to Prevent Data Theft/Leakage:
1) Email Security Solution
Email is the most common way corporations and governments communicate with each other. Make sure that you have a proper email security solution. An email security solution should have the following features:
- Email Encryption
- Email Security Gateway Server
- Prevent user from forwarding the email
- Email Rights Management solution
2) Cloud Data Protection solution
Everything is moving to the cloud, and we use the cloud extensively to access our data, so cloud data protection is a critical element of data leakage prevention. Make sure that each user is given minimal rights and permissions. Many data protection software products encrypt files. They also provide a way to manage roles and responsibilities.
3) Malware Protection Solution
Your choice of malware/ransomware protection solution is crucial to data leakage protection. A malware protection solution gives enough management control to the security administrator.
What is Data Loss? How is that different from Data Prevention?
Data Loss happens when data is destroyed. Data that is crucial for the organization becomes unrecoverable. The backups that you have become stale. In this kind of situation, you have no data left to use after the attack happens.
Data Loss is, for example, the situation where a hard disk fails and is unrecoverable. Hard disk failure, neglected regular backups, or anything else that leads to data being destroyed can cause it.
Data Loss can occur in the cases below.
A) Intentional Deletion of Data
A rogue employee or system administrator deletes data intentionally so that it is not recoverable. The motive for deleting the data could be anything. A dissatisfied employee can do this. He also doesn't keep a copy of the deleted data. Once data is deleted using a tool like sdelete.exe on the Windows OS platform, the system admin cannot recover it. Sometimes the system admin deletes data from the source as well as from the backup. This is intentional data deletion that leaves no way to recover the data.
B) Unintentional Data Loss
Unintentional Data Loss happens when a user accidentally deletes files and the files are not recoverable afterwards. Files can also be accidentally overwritten when the user has no backup of the original file. File corruption happens because the user overwrites the file accidentally. There are also incidents where a user misplaces media, a USB disk, or backup tapes, which can lead to data loss.
C) Electronic Component Failure
Failure of hard disks, USB keys, memory cards, backup tapes, or the power supply can be the reason for data loss.
Hard Disk – A hard disk crash creates data loss. A hard disk power crash or a hard disk spindle crash can be the reason for the data loss.
USB Keys & Memory Cards – USB keys and memory cards are the most convenient way to carry data physically from one location to another. They can be misplaced. Sometimes USB keys and memory cards get corrupted. They can be affected by malware, which can lead to data loss. Once affected by malware, they can also affect other data points connected to them.
Backup Tapes – Backup tapes are used to take backups. They are sometimes used for off-line backups. Once the backup is on tape, the tapes are stored in secure places. Sometimes tapes get corrupted, and data loss happens as a result.
Power Supply Failure – A power supply failure crashes the system. Once the system is hit, your data in memory is lost, and it won't be recoverable. The data on the hard disk won't be affected, but the data in memory is lost.
D) Natural Disasters
When your data center is affected by a natural disaster, your data is affected too. An earthquake, flood, tornado, or any other natural calamity might be the reason for the data loss. Natural disasters are the primary reason for a disaster recovery plan.
How to Prevent Data Loss?
There should be enough technological planning to prevent data loss. There should be backup planning for every stage. There should be a backup of each piece of critical information, whether in the cloud or on a local system. The following are my critical thoughts on how to prevent data loss:
1) Backup Planning
Backup is most crucial for any organization. It should be planned very well. The backup strategy and backup planning should allow easy restoration of the data whenever needed. Backup planning and a backup software solution should be a crucial part of your IT budget. We should also make sure that backups can be restored whenever we need them. Backups protect us from intentional and unintentional data loss.
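One way to check that a backup really restores and has not gone stale, as the paragraph above asks. This is an added example, not part of the original article; the directory layout, file names and the 24-hour age limit are assumptions made for the illustration.

```python
import hashlib
import tempfile
import time
from pathlib import Path


def manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify_restore(source, restored):
    """Compare a test restore with the source; return (missing, changed)."""
    src, dst = manifest(source), manifest(restored)
    missing = sorted(set(src) - set(dst))
    changed = sorted(k for k in src.keys() & dst.keys() if src[k] != dst[k])
    return missing, changed


def is_stale(backup_epoch, max_age_hours=24, now=None):
    """True when the newest backup is older than the allowed age."""
    now = time.time() if now is None else now
    return (now - backup_epoch) > max_age_hours * 3600


def demo():
    """Constructed sample: a restore with one missing and one corrupted file."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "source"), Path(tmp, "restored")
        (src / "finance").mkdir(parents=True)
        (dst / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_text("id,amount\n1,100\n")
        (src / "notes.txt").write_text("board minutes\n")
        (src / "hr.txt").write_text("staff list\n")
        (dst / "finance" / "ledger.csv").write_text("id,amount\n1,1\n")  # corrupted
        (dst / "hr.txt").write_text("staff list\n")  # intact; notes.txt is absent
        return verify_restore(src, dst)


if __name__ == "__main__":
    print(demo())
```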
2) Extra Electronic Equipment as Backup
There should be extra electronic equipment available. For example, there should be two power supplies backed by a power backup solution. The production machine always runs on RAID-based storage, so it keeps working fine. The same goes for critical data carried on USB keys or memory cards: there should be a backup.
3) Disaster Recovery Plan
Disaster recovery completes the IT security and IT management solution. There should be a disaster recovery plan to protect the organization from any natural disaster. There should be a DR site available for when any natural calamity happens. The DR site helps the organization not only prevent data loss but also maintain business continuity. Disaster recovery also helps when there is an attack on your primary data source.
Key Take-Away for CISO:
1) Understand that Data Leakage is different from Data Loss
2) Data Leakage is mostly a human or technological error
3) Data Loss could be a human, technical or natural disaster
4) DLP should not be one piece of software; DLP is the entire solution, which involves a number of software products.
5) Covid19 has given us time to rethink our DLP strategy and make it more robust.
6) Make sure that backups can save you in case of Data Loss
7) The audit would help you in case of Data Leakage
8) Roles and responsibilities, as well as making employees accountable, would help you against data leakage
9) Technically, Data Leakage can be easily prevented by making sure that enough security-related measures are taken
10) DLP is not just a technological term, but it is also a management attitude.
18 Years Experienced Professional in Cryptography, PKI, Information Security, Data Security, SSL Certificate, TLS Certificate, Cloud Security, Website Security, Email Security, Cloud HSM, IT Infrastructure Management, Cloud Management and Customer Support. Certified in Comptia Security+, EC Council CEHv10, MCSE, ITILv3. Domain Investor by Hobby owns 150+ domains.