People are cautious of physical theft, but the security of digital assets is often ignored. The simplest actions can have devastating consequences for your data security. Outdated software, weak credentials, and malware all create opportunities for data exfiltration.
Studies show that many users believe they won’t be targeted by hackers and aren’t aware of the sheer number of risks posed by cloud and mobile data access. With cybercrime on the rise, it’s important that we all take a proactive approach to data security.
Here is just a handful of common attack vectors that hackers have taken advantage of in recent years:
1. Lost/Stolen Devices
Mobile devices and laptops contain emails, text messages, photos, apps, and a wealth of other personal and corporate information. As such, organizations need to protect devices and the data they store and access – particularly because lost and stolen devices are one of the leading causes of data breaches. Organizations must ensure that devices have password protection and multi-factor authentication enabled whenever possible.
2. The Dangers of Wi-Fi
Hackers can create hotspots that convincingly imitate legitimate public Wi-Fi access points. When users connect to these free, seemingly harmless Wi-Fi networks, they are essentially giving hackers their laptops, all of their passwords, and access to everything they do on their devices. Public Wi-Fi should be used with great caution – users should make sure that hotspots are legitimate before connecting to them. A good rule of thumb: when in doubt, don’t risk it.
3. Insider Threats
74 percent of businesses feel vulnerable to insider threats. Whether they are caused intentionally by malicious employees or accidentally by careless employees, data breaches and leaks are extremely dangerous to corporate and even personal data. Thankfully, there are corporate solutions available that can track valuable data’s whereabouts and even remotely wipe critical data from devices that have been lost or stolen.
4. Software Updates
When employees skip or procrastinate on device software updates out of laziness, or because they are too busy, they leave themselves and the entire company vulnerable. Missing these updates can leave personal data and even corporate data exposed and vulnerable to malware, ransomware and more. Ensure that employees install vendor-official software updates promptly and in accordance with your company’s policies. The recent and widespread WannaCry ransomware attacks demonstrated just how important keeping systems updated can be.
5. The Wrong Kind of Mobile Apps
There are malicious mobile applications that are created specifically to steal information from mobile devices. Unfortunately, these types of apps are only becoming more common. Ensure that mobile apps downloaded to devices are valid by checking the reviews and only download apps from official app stores. Doing research of applications that touch financials or similar sensitive data can save you from making data vulnerable to hackers.
Adequate data security requires small, but necessary, changes to data use habits. Enterprises and employees should treat data and devices as valuable physical possessions. A more concerted effort to take the threat of malicious attackers seriously can help make sure important information does not fall into the wrong hands.
- ISO 27001 – Information Security
- Risk Management
- Hacking Forensic Investigator
- Ethical Hacking
- Implementing NIST Cybersecurity Framework using COBIT® 5
Schuricht, Mike (2017). 5 Cybersecurity Vulnerabilities That People Still Forget About. Recovered on 10 October 2017 from https://www.informationsecuritybuzz.com/articles/5-cybersecurity-vulnerabilities-people-still-forget/