Learn lessons from data leak events: sensitive data should be encrypted while being transmitted and stored
2016-04-13
Why do hackers attack large enterprises and institutions? Undoubtedly because of all the valuable information they hold.
Many organizations and institutions should learn from data leak events how to protect their own data. Given how frequent these events are, we should pay the most attention to protecting enterprise data from threats inside the organization. In particular, when recruiting new employees, we should verify the applicants’ identities.
Although legal operation departments and internet security companies have constantly warned users that insiders, internet swindlers, hackers and hostile countries pose a serious security threat to enterprises and organizations, we don’t know for sure how many enterprises and organizations have actually improved their information security defenses after hearing this warning.
Data encryption processing and virtual working environment
Zak Maples, senior security consultant at MWR InfoSecurity, says that senior managers of all enterprises and organizations should immediately check whether confidential information in their companies is stored using the right method, and check who has access to this data, including their identities and authorities. They should also check whether the company has deployed secure data protection controls and a corresponding security emergency plan. Maples also asks managers of all organizations: “Have you ever conducted security tests on these security protection systems, if you really deployed these measures? Otherwise how can you be so sure that these measures are truly effective?”
Security researcher Doherty says that, since they hold all this sensitive user data, large organizations and institutions should make sure not only that all sensitive user data (such as identity information, addresses and credit card information) is encrypted when it is transmitted or stored, but also that access rights to these files (for instance who can open, view, edit or copy a file and who can send it by email) are carefully assigned and controlled. What’s more, every single operation on these files should be recorded in a log that is analyzed and checked periodically, so that abnormal conditions such as unauthorized access and modified files can be discovered in time. Of course, these suggestions apply to all enterprises and organizations that need to handle and store sensitive data.
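The per-file access rights and periodic log review described above can be illustrated with the following Python example, which is added here and is not from the original article. The file names, users, log format and digest values are all constructed assumptions.

```python
import csv
import io

# Constructed permission matrix: file -> user -> operations that user may perform.
# Operation names follow the article: open, view, edit, copy, email.
PERMISSIONS = {
    "customers.xlsx": {
        "alice": {"open", "view", "edit"},
        "bob": {"open", "view"},
    },
    "cards.db": {
        "alice": {"open", "view"},
    },
}

# Constructed audit log: timestamp,user,operation,file,content digest after the operation.
# The digests are short made-up values standing in for real file hashes.
AUDIT_LOG = """\
2016-04-01T09:00:00,alice,open,customers.xlsx,aa11
2016-04-01T09:05:00,alice,edit,customers.xlsx,bb22
2016-04-01T10:00:00,bob,view,customers.xlsx,bb22
2016-04-01T10:02:00,bob,email,customers.xlsx,bb22
2016-04-02T02:13:00,mallory,copy,cards.db,cc33
2016-04-02T08:00:00,alice,view,cards.db,dd44
"""


def review(log_text, permissions):
    """Return findings as (timestamp, user, file, reason) tuples."""
    findings = []
    last_digest = {}  # file -> digest recorded by the previous log entry
    for ts, user, op, path, digest in csv.reader(io.StringIO(log_text)):
        allowed = permissions.get(path, {}).get(user, set())
        if op not in allowed:
            findings.append((ts, user, path, f"unauthorized {op}"))
        # Flag content that changed since the last entry unless a permitted edit explains it.
        previous = last_digest.get(path)
        authorized_edit = op == "edit" and op in allowed
        if previous is not None and digest != previous and not authorized_edit:
            findings.append((ts, user, path, "content changed without an authorized edit"))
        last_digest[path] = digest
    return findings


if __name__ == "__main__":
    for finding in review(AUDIT_LOG, PERMISSIONS):
        print(*finding, sep="  ")
```

The last finding shows why the digest is logged alongside the operation: the file changed between two entries although no logged, permitted edit accounts for it.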
Besides being a security researcher, Doherty is also a supporter of using secure virtual working environments to handle confidential information. If sensitive issues need to be discussed, the discussion should be carried out in a secure internet space. He thinks: “Communicational information should be stored in a container. All the information should only be sent to specified users and have certain limits to its survival time. When the whole process is finished, access to data stored in this container should be limited.”
Electronic file records carry security risks
Undoubtedly, many companies and organizations have gradually adopted digital storage for their files. It is understood that many companies have gradually converted paper files into electronic files and stored them in their databases. But this leaves traces of operations on the computer.
Honan says: “The most secure method is to store as little electronic data as possible. We have no obligation to save all the data if according to the regulations of laws and contracts. Then we should apply a secure method to destroy all the files. And I recommend legal operation institutes and intelligence organizations in Europe also put this into practice.”