One of the most pressing challenges modern CSOs face today is how to secure a data center best. Although protection from external threats is often the focus, internal threats could be just as devastating. To put this into perspective, a 2019 Cost of a Data Breach Report stressed that internal threats and system glitches are often accountable for half of the data breaches that occur. That means that only half of the data breaches that we know of are caused by cyberattacks.
While computers are primarily predictable in the data protection they provide, human error is often hard to account for when looking at these processes. No matter how much time and effort a company puts into training and education, they still may have data breaches without enhanced security practices and the checks and balances required to ensure data breaches are contained as quickly as possible. But what are the most common internal threats for data centers and what can companies do to ensure they are protected?
External Data Sharing
When employees share sensitive data with third parties, it can often come with disastrous effects. The simple careless act of hitting the reply-all button instead of just replying to a single person can result in a large amount of private information being shared publicly. While training rarely helps avoid this, specialized Data Loss Prevention (DLP) programs can help companies ensure their sensitive data is limited or blocked when transferred inappropriately.
Unauthorized Device Access
We’ve all likely seen a movie where a USB drive is used to represent a vast amount of data that shouldn’t be shared or could take down an evil organization. Unfortunately, this sentiment is echoed in real life as unauthorized devices are used within a data center – particularly portable devices. The best way to avoid this problem altogether is ensuring that USB device access is blocked; however, if USB is needed, encryption is critical for protecting the data contained on them if they become lost or fall into the wrong hands.
Phishing or Email Spoofing
Phishing and email spoofing have evolved in recent years because of how effective it is. The basic concept of this approach is that an external party sends an email that looks legitimate to someone inside the company to trick them into sending data or secure information. In most cases, excellent antimalware or antivirus software can help root out these emails; however, it is essential to ensure that employees use best practices before blindly sending information to other users.
Sometimes referred to as “Shadow IT,” the use of unauthorized, third-party software can be hard to trace for internal IT departments. Employees will often use these applications simply because they are accustomed to doing so outside of the workplace to improve their work performance or be more efficient. Although, these third-party services may have weak security that directly leads into the data centers servers. In many cases, DLP programs can also help limit the reach of a data breach and prevent employees from inadvertently leaking information through this method.