Panama Papers Highlight Security Gaps - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Data Management // Big Data Analytics
Commentary
5/16/2016
02:00 PM
Jon Martindale
Jon Martindale
Commentary
50%
50%

Panama Papers Highlight Security Gaps

The Panama Papers, Snowden, the White House, and Ashley Madison, along with other data breaches serve as reminders that when you are entrusted with conducting analytics on the data of others you better have your security act in order.

As much as analytics has given us some unique insights into the world through its collation of all sorts of data, as Spiderman's doomed uncle once told us, “With great power, comes great responsibility.”

Credit: Pixabay
Credit: Pixabay

That goes doubly so for analytics, because the power that analytics has is derived from someone else's data. That makes the analytics firm that has access to it just as, if not more responsible for it, since it's their expertise that is being brought to bear on another firm's private, confidential and even secretive information.

While you might be confident about the security at your firm, the practices you have in place and the oversight you have from dedicated digital security professionals, it's worth considering that there is always a way for information to leak. Whether it's through straight-up hacking, social engineering or in the case of Edward Snowden or the Panama Papers' leaks, simply because an employee decides they've had enough with what's going on and want to burn it all down.

Of course we wouldn't suggest that anything your company is up to is worthy of the leaks that took place in those cases, but it's certainly worth bearing in mind. Both the NSA and Mossack Fonseca are enormous entities, with many employees and workers, a number of which are employed specifically for their expertise in protecting digital assets.

Yet that didn't stop the information getting out.

The same can be said for cases where the information wasn't leaked for moral reasons. The White House Personnel Management systems were hacked in 2015 and so were Ashley Madison servers, revealing the personal data of millions.

Then there is the ever-present threat of foreign hackers.

While that sort of scandalous and personal information is unlikely to crop up in your average data silo, the more we are able to do with data, the more meaning we are able to extrapolate from the mountains of information companies are collecting, the higher value nefarious individuals will place on it.

So what can we do to mitigate those sorts of attacks?

Starting from the ground up by making sure that all employees are aware of important security information is perhaps the most important. Not trusting email or messaging attachments, using strong passwords, and requiring multiple layers of authentication before giving an unknown person information are a great place to start.

On a more technical level, encryption is important. While uninformed politicians may continue to paint it as a tool for criminals, in reality it can often be the best tool to combat stolen data. Applying a strong encryption level to as much as possible, especially when data is being stored rather than actively analysed, can go a long way to preventing major leaks from being catastrophic.

Considering the success some major tech firms have had with the practice, bug bounties could be a viable option too. At the very least, if you offer a reward for anyone finding bugs in your system, they're less likely to sell it someone who isn't as concerned with protecting your customers as you are.

 

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
10 RPA Vendors to Watch
Jessica Davis, Senior Editor, Enterprise Apps,  8/20/2019
Commentary
Enterprise Guide to Digital Transformation
Cathleen Gagne, Managing Editor, InformationWeek,  8/13/2019
Slideshows
IT Careers: How to Get a Job as a Site Reliability Engineer
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/31/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Slideshows
Flash Poll