This is the season of ghosts, goblins and monsters. Which one will eat your data? Will it be the Werewolf of Dataland, Frankenstein’s Data-Crusher, the info thirsty Cloud Dracula or the creepy Byte-Zombies! Whichever data goblin breaks into your organization, it will cost you lots! According to a study conducted by Kaspersky Lab and B2B International published on September 10th, a survey of over 5,000 companies worldwide showed that larger firms should expect to shell out around $551,000 following a data breach. In another study by Ponemon Institute, it took enterprises an average of 46 days and nearly $2 million in IT reparation and customer notification efforts to recover from each cyberattack. In addition, (and the scariest part!) the loss of customer confidence, damage to reputation and loss of business can be devastating.
Read on to learn more about data breaches, how to keep your company from being attacked and how LTO technology can play a vital role in the data protection plan!
Tales of Data Munching Attacks
The goblins can come in a variety of disguises – from cybercriminals to disgruntled employees. As noted by Privacy Rights Clearing House, tens of millions of records are breached each year. Take the recent case of a prominent NY stock exchange organization that had to notify customers that 3,500 records were breached; following the discovery that hackers got unauthorized access to their system, current and former customers’ payment card information, including access to their names, addresses, email addresses and phone numbers, were affected. In another disastrous situation a large health services firm was bitten by the data goblin hackers. These info stealing monsters obtained access to 10 million customer records. The information accessed included names, birth dates, social security numbers, mailing addresses, telephone numbers, claims and financial payment information, which included some credit card numbers. A class-action lawsuit has now been filed against the health services organization as a result of the data breach.
Attackers typically use a variety of clever data-munch methods to hack an organization, according to an article by Inc. that points out various strategies:
- Weak Passwords: with an inexpensive graphics card, a hacker can run billions of simple, lowercase, eight-character password combinations a minute. Eighty percent of cyberattacks involve weak passwords. Beware, about 55% of people use only one password for all logins. Set up strong password guidelines for all employees.
- Malware Attacks: an infected website, USB drive, or application delivers software that can capture keystrokes, passwords, and data. Educate employees on how to recognize and prevent these attacks.
- Phishing Emails: bogus but official-looking emails prompt your employees to enter passwords or to click links that lead to infected websites. Make employees aware of these fiendish ploys.
- Social Engineering: this is 21st-century con artist tactics where hackers pretend to be you to reset your passwords.
- Ransomware: hackers hold your website hostage, often posting embarrassing content until you pay a ransom.
The data goblins are thinking up new ways every day to get to your delicious information.
Data Breach Protection Plan – Use LTO Technology
What can you do to prevent these breaches? Let’s narrow it down to 4 basic steps:
- Be Data Frugal: don’t keep more customer data than is absolutely essential. The old adage is, if you don’t have it they can’t steal it.
- Train the Staff: your team must be trained and certified on how to handle sensitive and confidential information, company products, materials, documents, passwords, and physical and cyber entry points.
Be Tech Savvy: implement strong firewall systems, use and enforce secure key entry points, lock up equipment and use data encryption… use LTO tape data encryption. If the data gets in the wrong hands it cannot be read, as it is encrypted with LTO 256-bit Advanced Encryption Standard. LTO encryption is tape drive hardware based (no special software needed) and has virtually no impact on drive performance. It’s fast!
- Keep data offline: offline means not attached to electrical connections. LTO tape technology is offline. That is, a tape cartridge on a shelf, in a secure location,cannot be accessed by electricity and therefore cannot be hacked, cannot be attacked by a virus or accessed by a disgruntled employee. In addition, since it is offline, it draws no power….LTO tape is low cost secure storage!
Beware of these daunting data goblins…take action to protect your organization from a data blood bath.