Data in Motion is Data at Greatest Risk

[Audrey McNeil <audrey () riskbasedsecurity com>]

https://finance.yahoo.com/news/data-motion-data-greatest-risk-190000539.html

The Labor Day Weekend hack that set social media sites ablaze with leaked
photos of one of the biggest names in Hollywood once again highlighted the
issue of data security for both businesses and individuals.

Whether Apple’s famous iCloud was actually hacked or if this was a series
of targeted attacks against specific accounts is somewhat interesting but
inconsequential to most of us. Security experts can afford to debate the
split-hair differences between a security breach and an attack but
businesses need to focus on the bigger picture takeaway. They must limit
exposure to data leakage and theft.

Let’s begin with a basic premise. All data is at risk of being compromised
through both malicious and non-malicious activity. Anyone who doubts this
need look no further than Target Corporation,Neiman Marcus, Michaels or the
latest high-profile example, Home Depot. Data has value and will always be
a target for would-be hackers and adversaries but data is also the
lifeblood of most organizations. Accepting some level of risk is part of
doing business. Managing that risk by recognizing and shoring up points of
vulnerability is the difference between using data as a competitive
advantage and being the victim of a catastrophic data loss.

Today’s sophisticated and well-funded cyber threats can come from anywhere
and attack nearly every part of your network. However, data that is moving
from one location to another is at its most vulnerable and carries with it
the highest probability for loss.

Data that is safely locked away on premise or at a hosting provider still
carries a certain degree of risk, but data that is moving beyond the
firewall introduces a whole new set of elements into the equation that can
be difficult, if not impossible, to control. A good analogy can be found
from an unlikely source, the United States Secret Service. The agency is on
record stating that the most dangerous time for the protection detail is
when the President is in transit and outside of a controlled environment.
The same can be said for your data.

According to the Secret Service, if it were up to them, the President would
never leave the confines of the White House. Clearly that is not practical
as the job demands constant movement. While it would also be safer to lock
your data away in a secure environment, that is also not possible as
conducting business requires moving information around in various locations
and geographies. So the question becomes, how do you protect your most
critical or personal assets while they are in motion?

When transferring information, whether it is business or personal related
material, users should always consider the potential pitfalls of the
channel they are employing. Simply emailing data files or using free
services such as Dropbox can have serious implications long after the
information has been transferred. For individuals, simply employing
encryption software can eliminate many common security vulnerabilities
because even if your data is compromised, it is still protected. Other
common-sense solutions include: avoiding unsecured wireless networks,
locking devices with passwords and avoiding the social channel over share.

For businesses that are forced to deal with compliance and legal
implications, it is a bit more complicated. Many of them are turning to a
managed file transfer (MFT) system that enables the reliable and secure
transfer of files between business parties. It utilizes secure protocols
and easy-to-understand models of exchange allowing administrators to always
know where files are with accuracy and extensive reporting capabilities.

Unlike traditional or manual file transfer options, MFT incorporates much
higher levels of security, scalability, integration, reporting and other
features. Through a more sophisticated and controlled file-transfer
solution, organizations can bring order, predictability and security to
file movement that improves business performance and reduces risk.

Ensuring that files arrive at the intended destination securely and without
incident will never create the level of excitement generated by the news of
celebrity hacks. That is a good thing. Avoiding security related headlines
is the goal of every organization, as the results of a breach or hack can
be devastating from both a financial and reputation perspective. So when it
comes to securing critical assets in motion and keeping intellectual
property under organizational control, MFT should find its way onto
everyone’s A-list.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!