Data leakage is not only embarrassing, it is actively dangerous for your business and your customers. Preventing data leakage, whether from accidents or intentional attacks, remains a top priority for modern businesses in a world where information can travel across the globe in mere seconds. Once the proverbial genie is out of the bottle, it’s almost impossible to contain it again.
Data Leakage Definition
Data leakage is the unauthorized transmission of data from within an organization to an external destination or recipient. The term can be used to describe data that is transferred electronically or physically. Data leakage threats usually occur via the web and email, but they can also occur via mobile data storage devices such as optical media, USB keys, and laptops.
Barely a day goes by without a confidential data breach hitting the headlines. Data leakage, also known as low and slow data theft, is a huge problem for data security, and the damage caused to any organization, regardless of size or industry, can be serious. From declining revenue to a tarnished reputation or massive financial penalties to crippling lawsuits, this is a threat that any organization will want to protect itself from.
Types of Data Leakage
There are many different types of data leakage. Also, it is important to understand that the problem can be initiated via an external or internal source. Protective measures need to address all areas to ensure that the most common data leakage threats are prevented.
1. The Accidental Breach
“Unauthorized” data leakage does not necessarily mean intended or malicious. The good news is that the majority of data leakage incidents are accidental. For example, an employee may unintentionally choose the wrong recipient when sending an email containing confidential data. Unfortunately, unintentional data leakage can still result in the same penalties and reputational damage, because the lack of intent does not mitigate legal responsibilities.
2. The Disgruntled or Ill-Intentioned Employee
When we think of data leakage, we think about data held on stolen or misplaced laptops or data that is leaked over email. However, the vast majority of data loss does not occur over an electronic medium. Instead, it occurs via printers, cameras, photocopiers, removable USB drives and even dumpster diving for discarded documents. While an employee may have signed an employment contract that effectively signifies trust between employer and employee, there is nothing to stop them from later leaking confidential information out of the building if they are disgruntled or promised a hefty payout by cybercriminals. This type of data leakage is often referred to as data exfiltration.
3. Electronic Communication with Malicious Intent
Many organizations give employees access to the internet, email, and instant messaging as part of their role. The problem is that all of these mediums are capable of file transfer or accessing external sources over the internet. Malware is often used to target these mediums, with a high success rate. For example, a cybercriminal could quite easily spoof a legitimate business email account and request that sensitive information be sent to them. The user would unwittingly send the information, which could contain financial data or sensitive pricing information.
Phishing attacks are another cyber attack method with a high data leakage success rate. Simply clicking on a link and visiting a web page that contains malicious code could allow an attacker to access a computer or network to retrieve the information they need.
Data Leakage Prevention
Best Practices to Stop Accidental Data Leakage
Not all data leaks are the result of malicious actions. In a lot of cases, a leak is the result of an honest mistake. Someone sends an email to the wrong recipient, forgets to encrypt a piece of data they are transmitting, or puts sensitive files on a USB drive and accidentally uploads them to an unprotected personal computer.
Some best practices that your organization can use to minimize the risk of accidental data leakage include:
1. Applying a Policy of Least Privilege (POLP) to Data Access
It’s hard for someone to accidentally leak data they don’t have access to. A policy of least privilege restricts each user’s data access to the absolute minimum they need to perform their job function. Using such a policy also helps to minimize the risk of intentional data leaks.
2. Place Restrictions on What Email Domains Employees Can Send Attachments to on Company Systems
Some email clients and applications allow you to organize people into groups or organizations and manage out-of-group communications to some extent. For example, Google Drive can be set to generate a confirmation screen/warning when sharing access to a file with someone outside the employee’s organization/group. Using these kinds of alerts can make it much less likely that data will be accidentally shared.
3. Establish a BYOD Policy and Enforce It!
A bring your own device (BYOD) policy can help your organization define the rules for if and how employees may use personal devices, such as smartphones, laptops, USB drives, and other devices that can be used to copy, store, and transmit data in the workplace. If such devices are not allowed (or have their use restricted) in the workplace, it can reduce the risk of accidental data leakage.
4. Provide Cybersecurity Awareness Training
Employees need to know not only what the biggest data leak risks are, but what the potential impacts of such leaks can be for the organization. Providing such awareness training helps employees avoid making basic mistakes that lead to data leaks. Additionally, it can help employees identify phishing attempts and other strategies that malicious actors may try to use to steal data.
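As an illustration of practice 2 above, the following added example (not taken from any product or from the original article) holds an outbound message when it carries an attachment and any recipient is outside an allowed set of domains. The domain names, the sample messages, and the function names are all constructed for this sketch.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import getaddresses

# Assumption: domains this organization permits attachments to be sent to.
# Matching is exact; subdomains must be listed explicitly.
ALLOWED_ATTACHMENT_DOMAINS = {"example.com", "partner.example"}

def recipient_domains(msg):
    """Return the lower-cased domain of every To/Cc/Bcc recipient."""
    fields = []
    for header in ("To", "Cc", "Bcc"):
        fields.extend(str(value) for value in msg.get_all(header, []))
    domains = set()
    for _name, addr in getaddresses(fields):
        if "@" in addr:
            domains.add(addr.rsplit("@", 1)[1].lower())
    return domains

def check_outbound(raw, allowed=ALLOWED_ATTACHMENT_DOMAINS):
    """Return ('allow', []) or ('hold', [outside domains]) for a raw message."""
    msg = message_from_string(raw, policy=policy.default)
    has_attachment = any(True for _part in msg.iter_attachments())
    if not has_attachment:
        return "allow", []          # policy only restricts attachments
    outside = sorted(d for d in recipient_domains(msg) if d not in allowed)
    return ("hold", outside) if outside else ("allow", [])

def build_sample(to, attach):
    """Construct a sample outbound message (constructed test data)."""
    m = EmailMessage()
    m["From"] = "alice@example.com"
    m["To"] = to
    m["Subject"] = "Q3 pricing"
    m.set_content("See attached.")
    if attach:
        m.add_attachment(b"sku,price\n1,9.99\n", maintype="application",
                         subtype="octet-stream", filename="pricing.csv")
    return m.as_string()

if __name__ == "__main__":
    for to in ("bob@example.com", "bob@example.com, Eve <eve@personal-mail.example>"):
        print(to, "->", check_outbound(build_sample(to, True)))
```

A "hold" verdict is the place to show the sender a confirmation prompt or route the message for review, rather than silently dropping it.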
The above practices are highly effective for preventing accidental data leakage for most organizations. But, what about data leaks that arise from the abuse of user credentials or attacks on your network infrastructure?
Best Practices to Stop Intentional Data Leakage
While you may not be able to stop every malicious actor who tries to take your data for their own personal gain, you can minimize your risks of a data leak by following a few best practices, including:
1. Installing Basic Cybersecurity Protections on All Network Endpoints
A basic antivirus program or firewall might not stop a determined attacker or a malicious insider, but such basic protections can prevent less sophisticated attempts to steal data from succeeding or at least slow an attacker’s progress. Also, email client antivirus systems can help prevent some data leaks by scanning email attachments for malware.
2. Making Sure to Clear Sensitive Data from Non-Critical Systems
Does a copy of your company’s most sensitive information, such as customer records and payment card information, need to be on every terminal in the office? No, nor should it be. Cleaning up individual terminals and making sure that all of your most sensitive data is kept on your most isolated (and well-protected) systems is a core part of preventing data leaks. If an attacker gets malware on one random workstation, keeping that workstation clear of sensitive info can lower your risk of a data leak.
3. Using Defense in Depth Security Strategies
The more layers of protection you can put on your network, the better. Having a layered defense on your network (one that employs firewalls that isolate each asset and restrict peer-to-peer traffic) makes it harder for an attacker to access all of your most protected assets at once. This way, even if an attacker gets past your outermost perimeter defenses, it will take time and effort for the attacker to access more than a handful of your IT assets.
4. Install IDS/IPS Systems and Run Penetration Tests
A key part of preventing a data leak is being able to quickly identify an attempt to steal data and contain the breach. The longer it takes to identify an intrusion attempt, the more time an attacker has to breach your defenses and steal data. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) can help with early attack detection and (in the case of IPS) even provide some automated attack prevention. Penetration tests help you test your security measures for potential weaknesses and verify how effective your IDS/IPS solution is at detecting various kinds of intrusion attempts.
The Bottom Line
How many of these best practices does your business use? We would be happy to hear about it in the comment section below. If we have missed some practices, let us know by sharing them.