Each company probably has its own data storage system, however, a large amount of information remains outside, which, if leaked, also carries certain risks. Any PDF files, document scans, audio and video files, in addition to important documentation, are also classified as information assets of the company and can be used against the business.
According to statistics, more than 70% of information assets are not critical confidential information, but unstructured data that is stored electronically on hard drives or in the company's cloud storages. In fact, such data is documents that are kept in the company “just in case”, so that you can refer to them at any time. Spoiler: out of 70% of a non-confidential data, about 50% are documents that can be safely deleted (duplicate files, outdated data, content not related to the company's activities, etc.). At the same time, 56% of business owners say that the most important confidential data of the company needs more progressive protection.
Most of the information is not controlled, and leads to the constant need to expand the storage and carries the risk of leakage of commercial information and violation of regulatory requirements.
Currently, the vast majority of companies store data in cloud storage, but cloud storage also has its drawbacks. Firstly, not everyone understands that the cloud also needs to be configured using certain protection methods. In view of this, modern Internet scanning tools can easily find and access such clouds. Unfortunately, most companies use a hybrid storage method: local cloud + public cloud. Such a solution is not only not considered the most secure due to the large number of people who have access to it, but, as we said above, it experiences serious configuration problems that are fraught with leaks.
In 2022, information security experts have seen a surge in activity in the form of attacks on public-private cloud storages of companies. Unfortunately, the information of many companies was compromised (the study showed that out of a random sample of 50 cloud storages of the attacked companies, 44 were misconfigured). This year, cybercriminals have outdone themselves, and even after paying the full ransom, they either demanded more money or completely erased the contents of cloud databases.
Before deletion, the criminals are known to carefully analyze the vaults for personalized information that could lead them to other personal user data.
A) Vault already in use with configured security checks can be secured by enabling automated security checks.
B) Further, many cloud storages used by companies to store large amounts of corporate data already have built-in tools for monitoring cloud infrastructure management.
C) Standard encryption of sensitive data has never been superfluous.
D) Use of third-party anti-data leakage tools, such as a DLP system. Falcongaze's SecureTower, for example, keeps track of all files that a user uploads to the Internet through a browser. The system controls all cloud services Dropbox, OneDrive and Yandex.Disk, Google Drive, iCloud, Mail.Ru and others (desktop and web versions of storages are controlled).
Of course, in addition to cloud storage, local databases are also widely used, which, without proper protection, are also at risk of hacking and leakage. Any local database should be built on three principles:
- availability: all parameters must be configured in such a way that in the event of an unforeseen attack or technical failure, the data can be reached and isolated;
- confidentiality: a key principle against information leakage, any unauthorized access to the database must be potentially foreseeable and excluded;
- integrity: this principle implies the absence of unauthorized modification, deletion, movement of data (especially confidential) within the database.
Did you know that information storage security provides a standard (ISO|IEC 27040), according to which the protection of information and information infrastructure must be carried out by complex measures?
At the technical level, as we have already described above, all procedures for access settings, antivirus updates, network perimeter protection, etc. are used. Remember to avoid sharing accounts and giving extended access rights to employees who don't need it to do their jobs.
Traffic analysis is the most important thing, it is best to use a DLP system to track suspicious activity for further investigation. In the SecureTower system complete control of corporate information is achieved by monitoring the maximum number of communication channels and data transfer protocols. After analyzing the intercepted data, if there is a violation of the security rule, the system automatically notifies about the incident with all the information about it. When investigating incidents in SecureTower, cases are formed in which you can record the progress of investigations, determine the defendants in the case, and after the completion of the investigation, make a report for managers.
At the physical layer, protection against unauthorized physical access must also be considered. This includes:
- introduction into circulation of special access systems based on multi-factor authentication (biometrics, smart cards, etc.);
- monitoring of the physical condition of equipment and servers;
- provision of alternative power sources in case of emergency breakdown;
- recruitment and training of personnel responsible for monitoring the system.
One thing is clear: large amounts of corporate data, including confidential ones, require a large and secure place for their storage. Whether a company uses cloud storage, local storage, or a hybrid way of storing data, maximum protection is needed here, both on a physical and technical level, using the best supporting tools, such as a reliable DLP system.
After reading this article, our team recommends that you go through all the security points that we have discussed and make sure that nothing threatens your data.