New data security thinking

According to Gemalto statistics, since 2003, 9.1 billion 98.58 million data records have been stolen or lost worldwide: 207,849 records lost per hour, 58 records lost every second.

Among them, the data leakage incidents with the highest degree of risk are:

If you are a CIO, you need to be prepared and take preventive measures. Faced with such a huge threat to data security, companies that want to stay one step ahead of *** and protect their bottom line more effectively need a new framework for thinking about data security (a new mindset).

New data security thinking

Simple leak prevention has failed

Gemalto's 2017 H1 leak index shows that data leakage is a growing threat to organizations. Considering the time, effort and cost that many organizations put into protecting their data, the number of compromised records is staggering. If organizations want to stay ahead of *** and more effectively protect their intellectual property, data, customer information, employees and bottom line against future data leaks, they clearly need a new approach to data security.

IT security spending keeps growing as a share of overall spending, but the effectiveness of security measures against the data leakage epidemic has not fundamentally improved. Companies are investing not on the basis of current realities but on the basis of past ones: in the past, *** were spoilers in pursuit of glory, sensitive data was centralized, and the enterprise edge was a known location, the desktop PC. In that past reality, "prevention" technologies at the network boundary, such as network firewalls, were good enough. Unfortunately, enterprise data today is stored and distributed across yesterday's boundaries, the "good enough" approach to security is obsolete, and ***, whether criminals or skilled insiders, whether malicious or accidental, continue to pose a threat to data security. There is nothing wrong with perimeter security technology; it is an extra layer of protection. The problem is that many companies still rely on it as the basis of their information security strategy, when in fact preventing data leakage is not that simple. Surprisingly, market trends indicate that most organizations have no plans to change this dependency. According to IDC, of the $37.9 billion that companies spent on security technology in 2016, more than 30 percent ($11.4 billion) went to perimeter security.

From preventing data leaks to accepting data leaks

The leak index shows that over the past few years the frequency and size of data breaches have been increasing. By definition, leak prevention is an irrelevant strategy for keeping out cybercrime. In addition, every organization in a competitive environment has potential adversaries. Ignoring these internal threats not only invites blatant misuse of data but also fails to prevent accidents caused by carelessness. Even non-malicious behavior, such as taking work home through e-mail accounts, losing devices, storing data on USB drives, and vendors unknowingly sharing network login credentials and passwords, can innocently leak sensitive data. In today's environment, the heart of any security strategy needs to shift from "leak prevention" to "leak acceptance". Once security is viewed from the perspective of accepting leaks, the world becomes a relatively simple place: protecting the data, rather than the perimeter, is the top priority. In a world where cloud computing, virtualization and mobile devices have led to *** and exponential growth, protecting data is a very challenging proposition. Many organizations may be inclined to solve this problem with a "containment" strategy, that is, limiting where data can go and allowing only a limited number of people to access it. However, this "negative" strategy, which bases security on restricting data access and movement, runs contrary to what technology was meant to enable. If we accept that the mobile Internet and data sharing are the basis of commercial success, today's task is to establish a more proactive security strategy that makes a difference.

From accepting data leaks to protecting data

Changing a mindset is easier said than done; implementing a new security policy within an organization has always been difficult. There is no "one size fits all" approach or panacea for achieving ideal "data protection", but every company should take three steps to reduce the losses caused by security breaches and avoid adverse consequences: control user access and authentication, encrypt all sensitive data (whether at rest or in motion), and securely store and manage all of your keys. By building these three steps into the IT infrastructure, companies can deal with data leakage effectively and avoid becoming a victim. Whether your network can be breached is not the question; the only question is when it will be ***. As the pace of business growth accelerates, new technologies continue to be deployed, and new, more sophisticated *** are constantly being launched, it is only a matter of time before your business is ******.

Three steps to protect data

  1. Encrypt data

Find where sensitive data resides and encrypt it. Whether the data is in the physical network, in virtual environments, in the cloud or in motion, encryption hides and protects important information.

  2. Store and manage keys

Without an encryption key management platform, you cannot encrypt data securely. Keys should be stored securely, away from any encrypted data, and a process should be established to enforce access restrictions, revocation, key rotation and reissue.

  3. Control user access

Determine who has access to data, enforce mandatory user authentication, and establish a verification process. Define user access levels, and automate the provisioning and management of users and tokens.
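The three steps above combined, as an added example (not code from the original article): records are sealed with AES-256-GCM, keys live in a separate `KeyStore` with versioned rotation and revocation, and every key use passes an authorization check. The `KeyStore` class, the user names and the sample records are assumptions constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Hypothetical key manager, kept apart from the data store (illustrative names).
class KeyStore {
  constructor(authorizedUsers) {
    this.keys = new Map();                      // key version -> 32-byte AES key
    this.current = 0;                           // version used for new records
    this.authorized = new Set(authorizedUsers); // step 3: who may use keys
    this.rotate();
  }
  rotate() { this.keys.set(++this.current, crypto.randomBytes(32)); }
  revoke(version) { this.keys.delete(version); }
  key(user, version) {
    if (!this.authorized.has(user)) throw new Error('access denied');
    const k = this.keys.get(version);
    if (!k) throw new Error('key revoked');
    return k;
  }
}

// The data store only ever holds records: key version, nonce, auth tag, ciphertext.
function encryptRecord(ks, user, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', ks.key(user, ks.current), iv);
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { version: ks.current, iv, tag: c.getAuthTag(), ct };
}

function decryptRecord(ks, user, rec) {
  const d = crypto.createDecipheriv('aes-256-gcm', ks.key(user, rec.version), rec.iv);
  d.setAuthTag(rec.tag);                        // final() throws if the record was altered
  return Buffer.concat([d.update(rec.ct), d.final()]).toString('utf8');
}

// Constructed scenario: rotate, re-encrypt one record, revoke the old key version.
function demo() {
  const ks = new KeyStore(['alice']);
  const kept = encryptRecord(ks, 'alice', 'customer record (constructed)');
  const stale = encryptRecord(ks, 'alice', 'old export (constructed)');
  ks.rotate();
  const moved = encryptRecord(ks, 'alice', decryptRecord(ks, 'alice', kept));
  ks.revoke(1);
  const attempt = (fn) => { try { return fn(); } catch (e) { return e.message; } };
  return {
    version: moved.version,
    moved: attempt(() => decryptRecord(ks, 'alice', moved)),
    stale: attempt(() => decryptRecord(ks, 'alice', stale)),
    outsider: attempt(() => decryptRecord(ks, 'mallory', moved)),
  };
}
console.log(demo());
```

The record that was not re-encrypted before revocation is unrecoverable, which is why rotation needs a re-encryption pass before old key versions are destroyed.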

For the third step, the link most easily overlooked by decision-makers is the last kilometer of user access control. After a device has been in use at the edge for four years, a large amount of sensitive data has accumulated on its hard disk. When the company phases out old computers, 9 percent of users do not completely erase the data; the data is then recovered by other users through special means, resulting in so-called inappropriate user access, and thus a leak. We strongly recommend that all companies, when replacing computers, make sure to erase the data on the hard disk (formatting is definitely not enough). Data erasure is highly specialized work and is best carried out by a professional company.

Reproduced in: https://blog.51cto.com/14338043/2410344

Origin blog.csdn.net/weixin_34190136/article/details/93036638