| |||||||||
| |||||||||
Current Filter: Security>>>>>> Human frailty Editorial Type: Industry Focus Date: 05-2014 Views: 4262 Key Topics: Security Data Breaches Data Loss Prevention Insider Threats Human Issues Hacker attacks Key Companies: CoSoSys Pirean Courion Lancope AlienVault Key Products: Key Industries: Education Retail | |||
| Most data breaches are the result of mistakes, negligence or unexpected system glitches. Human nature dictates that they will always happen, so businesses must take pre-emptive action now to stop them occurring Human error is addressed nowadays with data loss prevention (DLP) and other extrusion prevention solutions. The key for DLP systems to work - and reduce or eradicate data breaches caused by insiders - is mostly related to implementation. So says Roman Foeckl, CEO and founder of CoSoSys, who then points out: "If you have an amazing business idea, but the implementation leaves a lot to be desired, there are minimum chances to succeed. The same goes with data loss prevention or other tools that prevent data breaches. Implementation does not mean only making sure the software is working and management has some nice reports about what data is going out or which users are most likely to cause a data breach. It is also about the human component. The solution may have a high level of complexity, but there will always be a person using the data."
ACTIONS AND CONSEQUENCES Another way of looking at the solutions recommended to address the human error/risk consists in determining increased productivity, not disruption. "For example, if employees are forbidden to access certain websites or use some resources, most probably they will not appreciate a restrictive environment; and complaints, not to mention interrupted daily tasks, will appear. After all, businesses have to find the right balance between a certain level of trust in users and the proper measures to reduce to a minimum the risks of data loss." According to Foeckl, best practices for DLP solutions - as they represent the first line of defence (before training and explaining to people what data loss is) - combine three elements:
• A high level of complexity - ensuring confidential data remains safe, regardless of where or how it is used "Of course, this goes the other way around, as well," he points out. "Businesses should consider talking to employees and prepare them for the next step, prior to the implementation of the DLP solution. But this is just another tactic that depends on the company's policies and their out-of-the-box thinking."
DAMAGING THEIR EMPLOYERS
Meanwhile, what has been happening in the retail sector is now mirrored increasingly in the wider business world. On this score, Marc Lee, director EMEA, at Courion, believes that we have failed to see the dangers in front of our eyes. "We've been smug in Europe, following the US Target data breach. A lack of comprehensive chip and PIN systems, which we've been so comfortably using for years, has contributed to the theft of millions of credit and debit card details." More fool us, he says. "We've now had our very own case of retail industry-related data theft here in the UK. But this time the attack is from the inside.
| ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |