A recent study by Symantec Corporation revealed that healthcare data breaches accounted for 39 percent of all data breaches last year. The report does not mention it directly, but this is most likely due to strict reporting rules for data breaches within the healthcare sector. The next segments with high incidences of breaches include business, education, insurance, hotels, and wholesale trade.
While some may think this does not tie closely to telecom expense management (TEM), it does. This year, ransomware spread beyond PCs to smartphones, and cybercriminals increasingly seek any network-connected device that can be hacked for valuable data and used to access the enterprise network.
As pointed out in an earlier blog post, Trend Micro’s ’Dissecting Data Breaches and Debunking the Myths’ report found the primary reason for data breaches were due to device users losing their device or having it stolen, compared to 25% of the breaches that result from hacking and malware. When smartphones are lost or stolen, they become an easy avenue for hackers to steal sensitive data. Enterprises need to adopt stricter mobility policies with better enforcement and clear guidance on what to do when a device is lost.
With the recent Verizon breach, hackers stole customer contact information from its website. During the current strike, Verizon is likely to become an even bigger target. Customers should establish two level authentication for passwords, and each individual that has access to an enterprises’ telecom accounts should have their own password. In addition, basic standards for more complex passwords should be enforced and users should be prompted to change these passwords quarterly.
Ongoing education and training is critical to prevent security breaches and help employees identify spam, phishing, and hacking emails. Second, the damage from a serious data breach can be reduced through use of asset tracking software, mobile usage reporting, and MDM software. Third, timelier remote wiping of lost or stolen devices will help. Finally, companies need to develop plans on how to deal with potential data breaches.Tags: data security