How can you prevent a data breach? (1)
You will certainly have noticed the huge dismay in the media about data breaches. Hacks at organisations such as UvA, GGD, INholland and recently at the RDC company have been in the news the most. Hackers mainly target organisations that hold a lot of personal information, such as educational and healthcare institutions. These organisations have recently had to deal with the practical consequences of COVID-19. As a result, there is often insufficient time, attention and resources available for the proper security of their data sources, which means that their data management is far from optimal.
What's wrong?
The problem of data leaks can be outlined in various ways. A structural fault in the infrastructure, causing confidential data to be leaked unwittingly. An inadequately secured IT environment, resulting in unwanted software such as ransomware getting in. Or an untrustworthy employee offering data for sale. With regard to the latter, we sometimes see that even employees with a temporary contract or who have no emotional connection to the organisation whatsoever, gain access to extremely confidential information.
Questions? Dare to ask them yourself!
Usually a leak occurs from within the own organisation. This was also the case with the data leak at the GGD. In a clumsy way a lot of data could be exported by employees who were not authorized to do so. Preventing a data leak raises crucial questions.
Some basic questions you can ask yourself are:
How vulnerable is my data and how confident am I in my own network security?
Who is responsible for managing my data?
Are my servers equipped with the latest security patches?
Am I prepared for a possible hack or data breach?
Are there any clean backups that I can restore quickly?
Carefully answering these questions must result in the proper protection of confidential (personal) data. A security that is necessary, for example, to meet the compliancy guidelines for a NEN or ISO certification. The security procedures you have laid down and the familiarity with them are obvious.
In our next blog on preventing data breaches, we'd like to take a closer look at the 'checking' step in our royal route to optimal data management.
Do you have any questions right now? Dare to ask us! We like to see the protection of confidential and personal data as our common concern!