Data Theft Definition, Statistics and Prevention Tips
Data theft is the act of stealing information stored on computers, servers, or other devices from an unknowing victim with the intent to compromise privacy or obtain confidential information. Data theft is a growing problem for individual computer users as well as large corporations and organizations. Data theft occurs both outside and inside companies, and reducing the risk of insider data theft at the corporate level is anything but easy. This is especially true because system administrators and employees have access to technology such as database servers, desktop computers, and external devices including USBs, smart phones, and other removable and mobile devices.
Data Theft by the Numbers
According to USA Today, a Ponemon Institute report released in September 2014 found that “a staggering 43% of companies have experienced a data breach in the past year,” which is an increase of 10% from 2013. Michael Bruemmer, vice president of Experian’s data breach resolution group, explains that more than 80% of the breaches his group works with “had a root cause in employee negligence. It could be from someone giving out their password, someone being spear-phished, it could be a lost USB, it could be somebody mishandling files, it could be leaving the door to the network operations center open so someone can walk in.” Insider threats don’t always involve intentional malice; often, data theft that occurs from within an organization can be attributed to a lack of data protection knowledge on behalf of employees, or sometimes, simply careless behavior.
Tips for Preventing Data Theft
As data theft risk becomes increasingly problematic, companies and organizations need to take steps to protect their sensitive data. There are some steps any company can take to protect its data:
Be Proactive When It Comes to Insider Data Theft
Insiders remain a significant threat to your organization’s sensitive data. In fact, the Experian 2015 Second Annual Data Breach Forecast suggests that employee mistakes will be a top threat to companies this year. Insider data theft may be due to a malicious employee taking or selling your corporate data or simply making an unintentional mistake. Rather than react after sensitive data is lost, your organization should take proactive steps to mitigate the risk of insider data theft. These steps should include establishing an acceptable use policy, training employees on that acceptable use policy, removing temptation, providing a means for employees to conveniently report suspicious activities, and remaining especially vigilant when employees leave the company.