15 ways to lose your database
Arguably an organisation's most vital asset is its databases, often containing financial information, customer and employee data and intellectual property. Many articles have been written that examine the risks posed by data being exposed and the potential damage caused. In addition, external threats have long been recognised, with billions of pounds spent strengthening defences to mitigate against them, yet there is little acknowledgment of the very real threat from within. The statement ‘don’t leave your valuables on show’ is a simple principle, so why is it often ignored by Europe’s corporations?
It is proven to be easier to bribe someone on the inside (or even implant them there) to gain access to sensitive data. Leaving this risk aside, how often has someone left your organisation taking company stationery with them?
Do you know what else has been taken?
Could they have sneaked out with sensitive material?
What about a copy of the entire corporate database?
Would you even know if they had?
Below are the most common techniques individuals will employ to copy sensitive data; you may recognise some of them!
Legitimate Access Yet Inappropriate Use
Let’s be realistic, employees need to have access to corporate data in the normal course of their duties. Increasingly today, this need is 24 hours a day - 7 days a week and is not restricted to within the corporate walls or to company owned devices. It is this need that is opening up one of the biggest and growing weak points for European Corporations as data is seeping out via unprotected end-points, a significant number of which the company is unaware exist, or they are simply outside the company’s domain, such as private USB sticks or iPods.
To illustrate, an employee in sales may legitimately need to access customer records whilst on or off site, and during a normal day may do so up to 100 times. Another employee in R&D may need access to the secret formula for a product that’s in development, whereas an employee in the marketing department may need to access the marketing plans for this new product’s launch and email them to the various agencies tasked with delivering the plan. However, there is no viable reason for all of these different employees and departments to be able to access all of this information, in the same way, and do the same things with it. In many instances, the company may be legally obligated to limit access to information on a need-to-know basis.
Access must be restricted to just the records that are needed to perform the task, with control over which bits of each record can be viewed, combined with limiting what can be done with the record.
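The three controls named above (which records, which parts of each record, and what may be done with them) can be sketched as a deny-by-default check. This is an added example, not part of the original article; the roles, field names and records are constructed for illustration.

```python
# Added illustration: roles, fields and the record layout are assumptions.
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Grant:
    fields: frozenset       # which bits of each record may be viewed
    actions: frozenset      # what may be done with the record
    row_filter: Callable    # (user, record) -> bool: which records at all

POLICY = {
    # Sales staff see contact details of their own accounts, view only.
    "sales": Grant(frozenset({"id", "name", "phone"}), frozenset({"view"}),
                   lambda user, rec: rec["account_owner"] == user["name"]),
    # Marketing may view and email segment data for opted-in customers.
    "marketing": Grant(frozenset({"id", "segment"}),
                       frozenset({"view", "email"}),
                       lambda user, rec: rec["marketing_opt_in"]),
}

# Constructed sample records.
RECORDS = [
    {"id": 1, "name": "Acme Ltd", "phone": "555-0100", "card": "4111-XXXX",
     "account_owner": "alice", "segment": "retail", "marketing_opt_in": True},
    {"id": 2, "name": "Globex", "phone": "555-0101", "card": "5500-XXXX",
     "account_owner": "bob", "segment": "wholesale", "marketing_opt_in": False},
]

class AccessDenied(Exception):
    pass

def fetch(user, action, records, policy=POLICY):
    """Return only the rows and fields the user's role is granted."""
    grant = policy.get(user["role"])
    # Deny by default: unknown role or ungranted action gets nothing.
    if grant is None or action not in grant.actions:
        raise AccessDenied(f"{user['name']} may not {action}")
    visible = []
    for rec in records:
        if grant.row_filter(user, rec):
            # Project the record down to the granted fields only.
            visible.append({k: v for k, v in rec.items() if k in grant.fields})
    return visible

if __name__ == "__main__":
    print(fetch({"name": "alice", "role": "sales"}, "view", RECORDS))
```

In a real deployment these rules belong in the database or a central policy service rather than in each client application, in line with the point about central control made later in the article.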
If there is no obvious explanation why an employee should need to be able to access confidential and sensitive data whilst off site, then they shouldn’t be able to. It would be prudent to employ a solution that can detect devices trying to connect to the enterprise and sync up with corporate data. Additionally, if there is no reason why they should need to make an electronic copy of these records – be it to a corporate or personal endpoint such as a CD, a USB/memory stick, an iPod or even a BlackBerry – then they should not be able to do so. If there is a valid reason why they need to make a copy, then encryption should be enforced with a solution that does not impede the system, regardless of the device it is stored to, to ensure the integrity of the data is protected once away from the safe corporate environment.
By the same token, if an employee does not need to print a copy of the data then they should not be able to do so and even if they do, this should be regulated as I’m positive that there can be no genuine reason for complete records to be printed. Perhaps an alarm bell should be sounded if someone does print the entire database and a means deployed to ensure that it is not removed from the premises.
Another way to identify if an employee is abusing their access rights is if their usual behaviour alters and they suddenly start accessing a greater number of records than usual for longer, or even shorter, periods of time. This could indicate that they are writing the records down in some format to bypass any security restrictions in place.
In the case of a disgruntled employee determined to cause mischief, records could be altered, or even worse deleted, thereby damaging the reliability of the data.
Another danger is an employee who wishes to steal a copy of a database attaching it to an email and sending it out legitimately through the corporate gateway. A savvier employee, worried at leaving a trail, may try to bypass this by uploading the file to an external system, such as Yahoo, Hotmail or a hosted document storage and management solution.
There have been a few instances of people seeking employment to steal data to order, or even of an employee being persuaded to divulge corporate secrets for financial gain.
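One way to flag such a change in behaviour is to compare each day's record-access count with that user's own history. This is an added example, not part of the original article; the log format, user names, thresholds and sample data are constructed, and it covers only the "greater number of records" case.

```python
# Added illustration: the event format (user, day, record_id) is an assumption.
import statistics
from collections import defaultdict

# Constructed sample: per-user accesses per day, expanded into events below.
SAMPLE = {"alice": [90, 100, 95, 105, 98, 400], "bob": [10, 12, 11, 9, 10, 11]}
SAMPLE_EVENTS = [(user, f"2024-03-{d + 1:02d}", f"rec-{n}")
                 for user, counts in SAMPLE.items()
                 for d, c in enumerate(counts) for n in range(c)]

def daily_counts(events):
    """Count record accesses per user per day."""
    counts = defaultdict(lambda: defaultdict(int))
    for user, day, _record_id in events:
        counts[user][day] += 1
    return counts

def flag_deviations(events, min_history=5, threshold=3.5):
    """Flag days where a user's access count is far above their own norm.

    Uses the median and median absolute deviation (MAD) of the user's
    earlier days, so one past spike does not inflate the baseline.
    """
    alerts = []
    for user, per_day in daily_counts(events).items():
        days = sorted(per_day)              # ISO dates sort chronologically
        for i, day in enumerate(days):
            history = [per_day[d] for d in days[:i]]
            if len(history) < min_history:
                continue                    # not enough data to judge yet
            med = statistics.median(history)
            mad = statistics.median([abs(c - med) for c in history])
            # 1.4826 scales MAD to a standard deviation; the floor of 1.0
            # stops a perfectly flat history alerting on a single extra read.
            scale = max(1.4826 * mad, 1.0)
            if (per_day[day] - med) / scale > threshold:
                alerts.append((user, day, per_day[day], med))
    return alerts

if __name__ == "__main__":
    for user, day, count, usual in flag_deviations(SAMPLE_EVENTS):
        print(f"{user} accessed {count} records on {day} (usual: {usual})")
```

Days with no accesses do not appear in the log and so are not part of the baseline; a job role whose workload is genuinely bursty needs a longer history or a higher threshold.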
Opportunistic Access Is Still A Real Risk
There are some risks that aren’t hi-tech and are therefore harder to detect and even harder to protect against. For example, the business case for a printed hard copy of sensitive records needs to be strong, as an opportunist may access this and make a photocopy of it, completely undetected!
Another increasingly recognised threat is the mobile employee, justifiably working while travelling; either on the train, in a service station or another location, with someone looking over their shoulder and making a note of material displayed on the screen.
One further, really obvious, risk is writing down and/or sharing passwords. This is a truly naïve practice, with no justification, yet it is still widespread today.
Illegitimate Access So Of Course They’re Up To No Good
The easiest, yet inexcusable, way for data to be violated is by an ex-employee whose access rights have not been revoked in a timely manner accessing the network remotely, perhaps initially just to see if they can, and then being tempted into taking liberties with this oversight.
Another potentially soft target is a portable endpoint, such as, but not limited to, a laptop, BlackBerry or USB/memory stick, that is misplaced or stolen. Should the device be unprotected, then any data stored on it is exposed. Additionally, in the case of a laptop or BlackBerry, it may provide a back door to the corporate network.
So What’s Corporate Europe Going To Do?
It may seem like a nightmare, with so many trusted employees out to steal your most vital asset, yet there are ways to mitigate against these risks:
1. Restrict access to only those employees who need it and limit what they can see, and what they can do, with the records
2. Appropriately monitor employees’ behaviour, ideally setting control mechanisms to flag any significant deviations from the norm
3. Employ a solution that can detect devices trying to connect to the enterprise and sync up with corporate data and force encrypt information when it is removed, legitimately or illegitimately, from the safe environment of the corporate network
4. Do not make unnecessary hardcopies of records or leave them unsecured
5. Educate the mobile workforce to the risks posed by their activities and the devices that they use
6. When an employee leaves, ensure all access rights are revoked immediately
7. Never leave a written record of passwords
8. Perform background checks on new employees, including contractors and any periodic workers. It may be prudent for these checks to be conducted at regular intervals to ensure that nothing has changed, as is the case for those working with children via the Criminal Records Bureau
9. Never leave data security up to the end user. It is imperative that this is controlled and managed centrally, which can also reduce TCO (total cost of ownership) as machines don’t need to be locked down or brought in to the office to update them
10. Corporate governance now requires you to have security and to be able to prove it. Use a solution that includes a central management console – that way every machine is protected and can be tracked
Quick Overview of 15 Ways to Lose Your Database:
1. Employees able to access a database regardless of their need to do so, with sight of complete records including information that they do not necessarily need to see
2. Unrestricted downloading of the database to removable media
3. Employees able to print individual records, or even the full database, in hard copy format
4. Employees able to access records, in undefined quantities or for unlimited periods of time, providing the opportunity to make a written copy
5. Records, or even the entire database, altered or deleted
6. The full database, or individual files, emailed as an attachment
7. The full database, or individual files, uploaded to an external storage facility/website or a hosted document storage and management solution
8. Employment secured for the purpose of having unrestricted access to confidential data with criminal intent
9. Existing employees being coerced into removing data for financial gain
10. Ex-employees who have not had their access rights revoked
11. Photocopying of hard copies
12. Over the shoulder screen theft from mobile workforce
13. Writing down, or even sharing, passwords
14. Loss of external or portable media (memory sticks, CDs, laptops, etc) that contain unencrypted information, often during travel
15. Misplaced, or stolen, devices (laptops, BlackBerrys, etc) used as a back door to the corporate network
Peter Mitteregger is European Vice President, CREDANT Technologies