Contact Us






Math Captcha   + 16 = 17

* Required Fields

Contact Us

Data Breaches Show that Extra Security Precautions Are Needed

Data Breaches Show that Extra Security Precautions Are Needed

SEPTEMBER 4, 2012

Dropbox, the popular cloud-based file sharing service, has begun offering two-factor authentication after a data breach in July gave hackers access to some Dropbox user accounts and information. Two-factor authentication requires a user to enter a unique code, in addition to the normal user name and password, in order to login. The negative publicity that Dropbox received from the data breach spurred them to offer the additional security option and has brought more attention to online security in general.

With so much valuable information stored online today, for both personal and business uses, it is imperative that companies and individual users are able to safeguard that information. In general, the average user’s first thought about what level of security is enough is almost always wrong. As a user or organization with sensitive personal and/or business data to protect, you must thoroughly look for all possible avenues of vulnerability, precisely because the bad guys do the same thing. Understand your system and how it is used, and only then can you identify all the points of vulnerability.

Find out what you have that needs protecting, and set priorities for that protection. This process will drive the decision on what to secure first and how best to do it. Make no assumptions. Use an outsider who is not blinded by familiarity with your system to provide a dispassionate analysis, with no need to protect turf or prior decisions. Be willing to admit that your initial approach may be wrong or inadequate in at least some areas, so that your mind is open to whatever recommendations you receive.

A professional data security program is essential for any type of company, yet many organizations never realize it until after a data breach has occurred and the damage has been done. In addition, many businesses–especially companies in the financial sector–are required by law to comply with certain data security regulations. Guidepost Solutions can provide expert guidance on how to implement a data security program and ensure internal compliance, to prevent catastrophic data breaches before they occur.


 

About the author

citarella_kKENNETH C. CITARELLA, JD, MBA, CFE, CIPP/US
SENIOR MANAGING DIRECTOR, INVESTIGATIONS AND CYBER FORENSICS
kcitarella@guidepostsolutions.com

Kenneth Citarella is senior managing director for the Investigations and Cyber Forensics practice at Guidepost Solutions LLC.  He has more than 30 years of experience investigating and prosecuting white collar crime and computer crime. Kenneth can be reached at kcitarella@guidepostsolutions.com.

 

News

Please enter your email to subscribe. By doing so, you are opting-in to receive news from Guidepost Solutions LLC.




Math Captcha   + 64 = 67