Data Leak/Data Breach: what’s the difference?
Quite a lot – a data breach is the outcome of a planned attack on your business, either from external criminal elements or internally from one of your own people. A data leak, on the other hand, is the accidental exposure of sensitive data by a business. Cybercriminals do not create data leaks, but they will exploit them once discovered.
Often, data leaks reflect poor security practices. An internal data breach will also often be the result of ill-intentioned opportunism and lax data management.
Minimise the risk to your business from data leaks
1. Secure your Supply Chain
Ensure you evaluate and understand the security posture of all vendors who have direct or indirect access to your systems. Use a rigorous risk management method to establish their compliance with regulatory standards like GDPR and any that specifically apply to your business. Simply requiring them to be Cyber Essentials certified is a good baseline.
Direct access should only be via a method which you control and have evaluated to provide maximum protection, both in terms of preventing exposure to malicious code if the vendor’s environment has been compromised and in terms of applying the principle of least privilege. Vendors’ access to your system should be reviewed frequently and permissions adjusted downwards when possible. Remember, no vendor should be able to access your system without requesting and being granted explicit permission to do so. No vendor should have full admin privileges unless your system is being managed for you.
2. Monitor Everything & Everybody
It’s a given that systems should be monitored for any sign of suspicious behaviour that would indicate a breach or activities that precede an external attack. However, of equal importance is the ability to monitor and manage network access by your own staff. A business must be able to identify who has done what, where and when, and with which data, before it can ask the question of why. Security policies and identity and access management should enforce privileged access to highly sensitive data.
In addition to monitoring user access, a business should also ensure it can identify and remove unauthorised software on its network – Shadow IT. Apart from potential security issues, you could also find yourself in breach of licensing agreements.
3. Identify and Categorise your Data
To protect your data, you must understand what it is, where it is, how it is processed, who has access and why, and the criticality of it being exposed or stolen.
Personal Information – often this also includes customer information. GDPR and its potentially punitive fines have highlighted the risks associated with this category of data, which might include customer names, addresses, phone numbers, email addresses, usernames, photos and even security camera video images.
Company Information – such as sensitive internal communications, performance metrics, marketing strategies and M&A plans.
Intellectual Property – this could relate to data your business uses to gain a competitive advantage or, even worse, intellectual property belonging to your clients – unpatented proprietary technical information, product designs, etc.
4. Secure your endpoints or virtualise them
Any remote device that communicates with a business network should be secured. Recent events have driven a massive surge in remote working that is unlikely to abate. VPNs and firewalls offer a level of protection but tend to be clunky and not nearly secure enough. Virtual Desktops with centrally managed security applications and policies provide a much more secure environment with consistent up-to-date software.
5. Encrypt all data
Despite access permissions and other methods used to prevent unauthorised access to your data, assume someone will still get access. Encrypt your stored data and ensure you are using an encryption method when you transmit or share data. A secure messaging platform is a preferred alternative to standard email when dealing with sensitive information.
Advisor Anywhere is a fully resilient cloud environment which provides the tools to address the above issues, as well as multiple other layers of security to protect your practice. Secured by Amazon Web Services to ISO 27001, 27017, 27018, SOC 1, 2, 3 and C5 standards, Advisor Anywhere delivers additional protection with a 24/7 Security Operations Centre (SOC) and supplementary security applications.
Why Moore Technology?
With so much experience in Financial Services, we know what matters most to advisors and networks. Our founder Piers Moore is fluent in the operational and structural nuances of the sector, having worked in financial services for over 17 years – both in-house for large financial services networks and as a service provider for financial advisors. We pair this knowledge with our huge consulting experience in technology strategy, cloud and network services, cyber security and telecoms; together with our APN status and best-of-breed partnerships, we deliver well-architected, secure solutions tailored to financial advisors.