Do you really know who is in control of your data?

Posted by Susan Sison on Oct 30, 2015 4:24:00 PM

Data is the lifeblood of the modern world. The right series of ones and zeroes can paint a picture of where a person has been throughout the past decade, purchase a lifetime subscription to an obscure magazine, or give a detailed history of every medical procedure a person has undergone - from scabies to surgery. The importance of information has resulted in a fully-fledged underground enterprise designed to acquire it and transform it into power, whether that be through direct currency theft, using credentials to gain access to more critical information, or malicious actions that can result in lost livelihoods and lost lives.

in control of your data

Password Correct

The two simple words that comprise the title of this section represent an affirmation of power. Once an account on a modern computer has been opened, most systems are incapable of determining whether the user is the account's owner.

This is less consequential within the home where the most likely outcome of a lack of access control is an uncomfortable familiarity with whoever decided to use the computer while the intended user weren't paying attention. It is still advisable to secure home networks as much as possible due to the amount of personal information shared through social media, online storefronts, and any websites that require vital data such as those of banking institutions and health care facilities.

In the business environment where accounts are tickets to sensitive information like the financial records of customers, one lapse in control can cause the user to be responsible for the fallout of a data breach that results in extensive fines and punishment.

The Cost of Unauthorized Data Access

In a 2015 study performed by the Ponemon Institute and funded by Hewlett-Packard, the mean cost of an average data breach incident was over 7 million in US dollars for companies located in the United States, Germany, Japan, Russia, Brazil, the UK, Australia, and Japan. The total cost of cyber crime in a sample size of 252 companies was $3,885,840,000 in the United States alone.

Being a small company offers no immunity from the damage. The study found the opposite to be true: smaller organizations paid over three times as much per capita as their larger counterparts. Web-based attacks, malware, viruses, trojans, and worms were more impactful on small companies, while Denial of Service attacks were almost twice as effective against larger companies.

The costs manifest in a variety of ways. External ones include business disruption, information loss, revenue loss, and equipment damage. The internal issues can range from improving detection methods to investigating the source of the breach.

Data and the Continuation of a Legacy

Although interference from inclement weather is rapidly rising up the ranks of the major threat concerns to business continuity, data security and network infiltration still remain two of the top three issues that businesses reported fearing the most according to the BCI. Data security can also play a role in three of the other top ten threats: security incidents, acts of terrorism, and issues related to laws and regulations. The Ponemon report also indicates that the fear is grounded in reality with increases in the frequency of cyber attacks increasing by as much as 29% from the 2014 figures, with 39% of the external costs incurred from business disruption alone.

Put Data Back in Your Control

Access management and data control are integral elements of a modern business. For more information on how to organize your data structure to maximize the effectiveness of user access controls, contact NCA Today!

Network Computing Architects, Inc. is a premier provider of high quality sustainable and secure networking, information security solutions and unified communications. We partner with our clients to provide answers to business initiatives where leading technologies converge.

NCA achieved ISO 27001:2005 certification in December 2007 and is currently ISO 27001:2013 certified. The scope of NCA's ISMS is client confidential information within NCA Professional Services Practice.