Importance of Data Security and Internal Threats in Data Centers

Thursday, December 15, 2016

Should companies be trying harder to protect their data from cybercriminals? If they want to avoid having critical information stolen from them, they should.

Take, for example, Edward Snowden, a computer professional and former Central Intelligence Agency employee who has been in the news for the past several years because he leaked top-secret information from the National Security Agency while subcontracting through Booz Allen Hamilton.

Snowden copied and collected vast amounts of NSA information, and eventually leaked the documents to The Guardian, a U.K. newspaper, which then published them.

While a discussion of the ethics of Snowden's actions is beyond the scope of this article, his actions do raise concerns about cybersecurity in general.

Snowden proved that even the most advanced security systems are vulnerable when not monitored 24/7. The events highlighted just how vigilant companies have to be with their data storage solutions. In our opinion, they also showed that businesses should probably consider working with third-party, highly skilled specialists who can provide top-notch IT security solutions and constantly monitor data.

Companies need to take data security seriously
Data breaches are expensive. IBM's 2016 Cost of Data Breach Study, which consisted of 1,500 interviews in 383 organizations around the world, revealed that the more records a company loses due to a breach, the more money it costs them. For example, businesses that lost 10,000 records or fewer were looking at a cost just north of $2 million, while those that lost 50,000 or more documents had to manage losses totaling roughly $7 million.

Further, U.S. companies face greater financial repercussions due to a data breach than others around the world because they had to manage higher customer turnover, among other things. IBM reported that U.S. companies faced the highest total organizational cost at roughly $7 million on average in 2016.

We hope these alarming numbers have caught your attention. A financial breach can set companies back for years, if they recover at all. Organizations, no matter how big or small, must understand that they're not immune to cyber attacks, nor are they invincible when it comes to handling and overcoming cyber breaches.

Businesses must understand common IT threats
Two types of IT vulnerabilities exist. These include:

1. Infrastructure assaults
DDoS attacks, SSL-induced security blind spots, SQL injections and other web application assaults are only a few types of attacks, flaws and weaknesses that IT teams constantly have to mitigate and solve.

Cybercriminals, whether "hacktivists," insiders or state-sponsored criminals, attack servers with a number of goals. It could be, for example, to overwhelm systems and shut down online services or gain access to user information through brute force attacks.

2. Employees
Two types of employees could cause irreparable harm to companies: those who have access to critical company files and steal them, and those who present security risks because they make IT mistakes, leaving servers open to attack.

It's important to look for red flags. In the case of employees who have access to critical information, let's briefly turn our attention back to Snowden.

"[Snowden] asked me two or three times on how to get access to what essentially was the PRISM data – we didn't call it that internally, but that's kind of what everyone know it is," said Steven Bay, Snowden's boss when the latter worked as a contractor for Booz Allen Hamilton, who spoke to The Cipher Brief.

PRISM is a top-secret program in the National Security Agency that allows it to gain access to digital communications from major internet companies.

Snowden's question did raise red flags in the NSA, but the agency failed to fully appreciate the situation and take action.

On the flip side, many companies have loyal employees who nonetheless consistently make mistakes, leaving servers open to malicious attacks.

According to Netwrix's 2015 State of IT Changes Survey, 70 percent of organizations continue to make undocumented changes (compared to 56 percent the year prior), and they do so at an increased rate.

These undocumented changes can lead to a number of problems, such as increased downtime, compliance problems and security issues.

Companies must stay vigilant about who they allow to access critical systems, keep data protected and explain to employees why it's critical to document all IT changes.

Make sure employees only have access to the type of data they need.

How to properly protect your data center from IT threats
Breach ramifications can ravage a company's bottom line. To protect themselves, businesses need to defend their servers, and they can do so by following a number of steps:

1. Understand and adhere to industry best practices
Some industry best practices include Sarbanes-Oxley, PCI-DSS and ANSI/TIA-942, which control data flow, establish infrastructure regulations for computer rooms and data centers, and better safeguard critical information.

2. Set up perimeter and internal safety nets
Data centers must be well equipped to block IT criminals from gaining access to data from both outside and inside their compounds. This means companies should use high-resolution audio and video equipment and top-notch visitor management systems, as well as limit employee access to data that they don't need to do their jobs.

3. Learn how to prevent IT attacks
To stop DDoS attacks, IT technicians can either upgrade servers or use a technique called power balancing, which denies incoming requests so servers don't become overloaded. For SQL injections, companies should regularly audit their applications.

If the Snowden case has taught companies anything, it's that IT security must be at the top of their to-do lists. Not doing so is like leaving their front doors unlocked all night. Eventually someone with cruel intentions will walk in and steal important data. To protect themselves, IT teams must first understand the different threats they could experience and how to prevent them.