Is your database secure?
A security breach on the Facebook social network, which was active for a year, has exposed the email addresses and phone numbers of six million users worldwide. LinkedIn has confirmed in recent weeks that it is investigating a possible breach of its password databases after a hacker submitted a list of 6.5 million encrypted passwords in a Russian forum. This news is recent, but not so much. Unfortunately it is still common to hear that customers of such a company have their personal data exposed on the internet. The effects of this vulnerability they can be irreversible as they range from brand value losses to financial and material losses to customers and the company. Is there a way to change this reality? Yes. Are companies doing this? Do not.
A recent Verizon survey showed that 76% of the security leak / breaches occurred through network vulnerabilities or credential theft (users and passwords) and 75% were intended for financial fraud. Given this scenario, financial institutions today are the companies that invest the most in tools that ensure the integrity of their database information. But it is still far from the ideal scenario.
But why do I need to protect the database?
While the answer may seem obvious, we need to keep in mind the amount of information we are currently dealing with. Data show that in two years we will have 2.5 zetabytes of information circulating. Therefore, it is essential to prevent breaches and ensure data integrity. The challenges are many, but what to do to be as assertive as possible regarding the security of the information contained in the databases?
Most fraud occurs within the company by dissatisfied employees and even former employees. But many reported cases occur due to phishing attacks or malicious links on social networks. The point is that the human factor is still the hardest to secure. Employees handling sensitive and sensitive corporate data must be constantly updated on data classification policies and standards.
What is the strategy?
We can not fail to emphasize the difficulty in administering numerous systems, controlling their access and the function performed by each employee. Therefore, it is important to have a solution that, even with real security breaches, the integrity and confidentiality of information is assured. In this case, even if an employee has access to all information present in a system, it is possible to make the company's business-sensitive information contained in it completely blocked and not leaked from the company. The tool itself blocks information, where the employee cannot access it. The solution, embedded in the network, then identifies, logs and blocks - all online and automatically - with 100% visibility of who is manipulating the information.
In addition, tools like this achieve significant cost savings, as with good implementation, as well as mitigating intangible risks and losses, it reduces log processing in the database.
Every company that has competitive differentiation of information, and this information is in system, has the need for a tool that ensures the security of their databases, after all this can be a decisive factor for the success or failure of an organization.
* Umberto Rosti & #8211; CEO [SAFEWAY] ** Article originally published in Executivos Financeiros Magazine **