CTO of Data Protection for Gemalto Jason Hart points out common data security risks companies and individuals face on an everyday basis. Hart suggests some best practices for oganizations to use employ that greatly decrease these risks and help secure the information on your devices from hacker attacks over wifi networks. See more at: http://gulfnews.com/gntv
Category
🗞
NewsTranscript
00:00For me, there's three common elements.
00:11If you're accessing data in a cloud environment, ensure to use multi-factor authentication
00:17or two-factor authentication.
00:20If also your data is stored in the cloud and it's sensitive, make sure it's being encrypted.
00:26So in the event that environment is compromised and the data is stolen, the data is rendered
00:32useless, and we call that a secure breach.
00:35And that could be anywhere in your business.
00:37If the data is protected and encrypted, and it is breached, and they copy that data, providing
00:43it's encrypted, we call that a secure breach.
00:46And that's what you want.
00:47You want a secure breach.
00:48You don't want an unsecure breach.
00:51And secondly, if you're encrypting the data, you will generate a key that's a master key
00:56to unlock the encryption.
00:57You need to store that separate from the data that's being protected.
01:06The biggest downfall we see, and the easiest route for or way in for bad guys, is where
01:13there's a password control.
01:16Phishing attacks, spear attacks.
01:18What happens is, the user's tricked into giving away their username or password.
01:24That's the majority of the way that a lot of the attacks occur.
01:32A lot of the time, if an organization has been compromised, it will be unknown.
01:36They won't be aware of it until a reputational issue occurs and it hits the press.
01:44So if your password is locked out, and you try logging in and it's not accepted, that
01:49could be a sign.
01:51And the problem nowadays is, a lot of these attacks are invisible.
01:59And for me, I just want to get businesses and organizations back to the fundamental
02:04basics of information security.
02:06It's all about data.
02:08Where is the data and how is the data being protected?
02:11But they need to focus on the level of confidentiality, the integrity of the data, and can they provide
02:17accountability and auditability around data.
02:20And for me, it's the fundamental basics of information security.
02:24And if we were doing the basics properly, we could radically reduce the number of attacks
02:28and breaches we see today.
02:34For any organization, there is a one-size-fits-all best practice.
02:40So who's accessing the data and where are they accessing it from?
02:43Eradicate static passwords and replace them with a one-time password.
02:47Any data, sensitive data, encrypt it.
02:51And if you're encrypting the sensitive data, make sure you're storing the key to unlock
02:56the encryption in a safe, secure place.