- By Industry
- By Use Case
A Definition of Data Theft
Data theft is the act of stealing information stored on computers, servers, or other devices from an unknowing victim with the intent to compromise privacy or obtain confidential information. Data theft is a growing problem for individual computer users as well as large corporations and organizations. Data theft occurs both outside and inside companies, and reducing the risk of insider data theft at the corporate level is anything but easy. This is especially true because system administrators and employees have access to technology such as database servers, desktop computers, and external devices including USBs, smart phones, and other removable and mobile devices.
Data Theft by the Numbers
According to USA Today, a Ponemon Institute report released in September 2014 found that “a staggering 43% of companies have experienced a data breach in the past year,” which is an increase of 10% from 2013. Michael Bruemmer, vice president of Experian’s data breach resolution group, explains that more than 80% of the breaches his group works with “had a root cause in employee negligence. It could be from someone giving out their password, someone being spear-phished, it could be a lost USB, it could be somebody mishandling files, it could be leaving the door to the network operations center open so someone can walk in.” Insider threats don’t always involve intentional malice; often, data theft that occurs from within an organization can be attributed to a lack of data protection knowledge on behalf of employees, or sometimes, simply careless behavior.
Tips for Preventing Data Theft
As data theft risk becomes increasingly problematic, companies and organizations need to take steps to protect their sensitive data. There are some steps any company can take to protect its data:
- Secure sensitive customer, employee, and patient data by keeping storage devices containing sensitive information in a locked, secure area and restricting access to sensitive data.
- Properly dispose of sensitive data and remove all data from computers and devices before disposing of them.
- Use password protection for all business computers and devices and require employees to have unique user names and strong passwords that they change regularly.
- Encrypt sensitive data and use encryption on all laptops, devices, and emails that contain sensitive data.
- Protect against viruses and malware by installing and using antivirus and antispyware software on all business computers.
- Keep your software and operating systems up to date by installing updates to security, web browsers, operating systems, and antivirus software as soon as they become available.
- Secure access to your network with firewalls, remote access through properly configured Virtual Private Networks, and Wi-Fi networks that are secure and encrypted.
- Verify the security controls of third parties and make sure their data protection practices meet your requirements and that you have the right to audit them.
- Train your employees to ensure they understand your data protection practices and their importance.
Be Proactive When It Comes to Insider Data Theft
Insiders remain a significant threat to your organization’s sensitive data. In fact, the Experian 2015 Second Annual Data Breach Forecast suggests that employee mistakes will be a top threat to companies this year. Insider data theft may be due to a malicious employee taking or selling your corporate data or simply making an unintentional mistake. Rather than react after sensitive data is lost, your organization should take proactive steps to mitigate the risk of insider data theft. These steps should include establishing an acceptable use policy, training employees on that acceptable use policy, removing temptation, providing a means for employees to conveniently report suspicious activities, and remaining especially vigilant when employees leave the company.
Dan Geer on How to Mitigate the Risk of Insider Threats
Dan Geer explains how to apply the reference monitor concept to mitigate the risks presented by insiders.
Related ArticlesWhat is Incident Response?
Six steps for effective incident response.What is NIST SP 800-53? Definition and Tips for NIST SP 800-53 Compliance
Learn about the NIST SP 800-53, a critical component of FISMA compliance, in our Data Protection 101 series.What is Advanced Threat Detection?
Learn about advanced threat detection solutions and how they work in Data Protection 101, our series on the fundamentals of information security.