Panama Papers Highlight Security Gaps - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Data Management // Big Data Analytics
02:00 PM
Jon Martindale
Jon Martindale

Panama Papers Highlight Security Gaps

The Panama Papers, Snowden, the White House, and Ashley Madison, along with other data breaches serve as reminders that when you are entrusted with conducting analytics on the data of others you better have your security act in order.

As much as analytics has given us some unique insights into the world through its collation of all sorts of data, as Spiderman's doomed uncle once told us, “With great power, comes great responsibility.”

Credit: Pixabay
Credit: Pixabay

That goes doubly so for analytics, because the power that analytics has is derived from someone else's data. That makes the analytics firm that has access to it just as, if not more responsible for it, since it's their expertise that is being brought to bear on another firm's private, confidential and even secretive information.

While you might be confident about the security at your firm, the practices you have in place and the oversight you have from dedicated digital security professionals, it's worth considering that there is always a way for information to leak. Whether it's through straight-up hacking, social engineering or in the case of Edward Snowden or the Panama Papers' leaks, simply because an employee decides they've had enough with what's going on and want to burn it all down.

Of course we wouldn't suggest that anything your company is up to is worthy of the leaks that took place in those cases, but it's certainly worth bearing in mind. Both the NSA and Mossack Fonseca are enormous entities, with many employees and workers, a number of which are employed specifically for their expertise in protecting digital assets.

Yet that didn't stop the information getting out.

The same can be said for cases where the information wasn't leaked for moral reasons. The White House Personnel Management systems were hacked in 2015 and so were Ashley Madison servers, revealing the personal data of millions.

Then there is the ever-present threat of foreign hackers.

While that sort of scandalous and personal information is unlikely to crop up in your average data silo, the more we are able to do with data, the more meaning we are able to extrapolate from the mountains of information companies are collecting, the higher value nefarious individuals will place on it.

So what can we do to mitigate those sorts of attacks?

Starting from the ground up by making sure that all employees are aware of important security information is perhaps the most important. Not trusting email or messaging attachments, using strong passwords, and requiring multiple layers of authentication before giving an unknown person information are a great place to start.

On a more technical level, encryption is important. While uninformed politicians may continue to paint it as a tool for criminals, in reality it can often be the best tool to combat stolen data. Applying a strong encryption level to as much as possible, especially when data is being stored rather than actively analysed, can go a long way to preventing major leaks from being catastrophic.

Considering the success some major tech firms have had with the practice, bug bounties could be a viable option too. At the very least, if you offer a reward for anyone finding bugs in your system, they're less likely to sell it someone who isn't as concerned with protecting your customers as you are.


We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Future IT Teams Will Include More Non-Traditional Members
Lisa Morgan, Freelance Writer,  4/1/2020
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Flash Poll