How to Avoid Data based Cyber-Crimes

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://blog.backup-technology.com/14815/avoid-data-based-cyber-crimes/

If you want to take pleasure in the comfort and relaxation you have created
for your organization and yourself, you need to have good sense of
self-defense. It is true that you need not to panic or visualize your enemy
running and following you always, it is important for you to be conscious
of precarious enemies that can occupy your environment to harm your data
and other confidential information in your organization. For that reason,
you have to always be prepared to deter enemies and protect yourself and
your environment against any form of attack. While your digital data is
transferred across the Internet, you have to be aware of the hostility
agencies responsible for Cyber crime as they can easily pose threat to the
safety of your digital data.

The major cause of Cyber crime is often pure unprofessionalism of
employees. Thousands of Internet devices like laptops and mobile devices
loaded with confidential information get lost every year. The problem is
that the majority of these lost laptops and mobile devices are not
protected with hard drive encryption or even anti-theft software. In
addition, some employees often share passwords with each other and even
with their co-workers that are not originally granted access to the
password simply because of their ignorance about the value of the data in
their procession. Some employees normally go as far as using file sharing
tool to share files with contractors and suppliers. The worst of all is
that some employees may unkindly create data branches for either
retribution or for personal gain.

At times, there can be threat to the security of your data by some of the
employees that have left your organization. An Ex-employee whose right and
privilege has not been deleted or removed from your computing system can
easily exploit the information either for personal benefit or to the
advantage of competitors. Disgruntled ex-employees can go as far as
infecting your computing system with malware and virus so as to corrupt,
modify or even change the entire data stores of your company. You can
easily avoid this by ensuring that you remove the right or privilege you
gave to any employee when he or she leaves your organization.

Though, threats from external data are rare yet, they cannot be overlooked
while considering the Cyber crime that can affect your data. Information
transmitted over your network can easily be hijacked by eavesdroppers by
listening at open ports. Your data can be susceptible if you store them to
a third party Internet based cloud backup provider. This can easily happen
when their system is compromised, access is granted to unauthorized
personnel by employees, the provider goes bankrupt or drop their servers
maybe due to financial difficulties or other similar reasons. And you need
to know that your data can be vulnerable when you share them over the
Internet.

So, there is a need for you to be careful and security conscious about
Cyber crimes. You need to make some required safety precautions to protect
and safeguard your data.

Some of the ways to protect your data against Cyber crimes include:

Educating your employees about the need for data protection,
Encrypting data in while in flight and at rest,
Interviewing and auditing users activity logs, as well as other activity
logs,
Ensuring adequate user management of data, and
Giving adequate and frequent attention to data against any form of data
crimes.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!