Author: Kevin Donoghue, CEO - Telesoft
A Verizon Enterprise Solutions spokesperson revealed that the company had “recently identified a security flaw in its site that permitted hackers to steal customer contact information.” Now it is alerting affected customers and unfortunately, this is becoming far too common. About one year ago, AT&T was fined $25M for customer data breaches used to obtain codes to unlock phones.
Personally identifiable information (PII) – names, addresses, and social security numbers; PayPal and eBay accounts, log-in credentials for banks and even Uber accounts – are available for a price from hackers. Cybersecurity firm Trend Micro reports that an “oversupply … from numerous data breaches“ is leading to a drop in the price that hackers are charging for PII.
Reasons for security breaches vary, but Trend Micro’s ’Dissecting Data Breaches and Debunking the Myths’ report concludes that the primary reason for a data breach is due to device users rather than hackers. According to the report, 41% of data breaches were due to a user losing their device or having it stolen, compared to 25% of the breaches that result from hacking and malware.
Many organizations overlook the types of sensitive information that employees store on their mobile devices and laptops. Mobile computing platforms like phones, tablets, wearables, and other devices, as well as the apps that run on them, are becoming the primary enterprise computing platform worldwide. When these devices are stolen or lost, they become an easy way for hackers to steal sensitive data.
Breaches attract unflattering headlines and negative media attention. There are two questions executives at enterprises need to ask. “How secure is our data?” “What can we do to protect our data?”
First, it is crucial to build employee awareness of the risks and repercussions when sensitive data is compromised. Second, the damage from a serious data breach can be reduced through use of asset tracking software, mobile usage reporting, and MDM software. Third, timelier remote wiping of lost or stolen devices will help. Finally, enterprises need to adopt stricter mobility policies with better enforcement and clear guidance on what to do when a device is lost.Tags: mobile data, mobile security