4 Causes of Electronic Data Breaches and How to Prevent Them…
These figures come from the U.S. Department of Health and Human Services. Of the reported breaches that affected 500 or more individuals, 73% were electronic, adding up to a total of 10,122,893 people whose personal information somehow got into hands it did not belong in. “On average, approximately 48,000 individuals were affected per electronic data breach” – Old data learns new tricks
The number 1 cause was THEFT.
66% of the electronic data breaches came from theft. Medical identity theft is the fastest growing form of identity theft. Often, thieves steal this information and attempt to seek medical attention under another person’s name.
Second cause was LOSS.
14% of e-data breaches can be blamed on lost laptops, tablets and mobile devices that contain patients' personal health information.
Third reason: UNAUTHORIZED ACCESS/DISCLOSURE.
10% of those electronic data breaches are a result of people (e.g. colleagues or patients) logging into devices at offices without being authorized.
Fourth cause is due to HACKING/IT INCIDENTS.
9% of electronic data breaches are the fault of hackers and viruses. Hackers get smarter by the minute and your organization must always stay 2 steps ahead of them in order to keep them away from your data.
To protect your organization from becoming a victim of data breaches, and to avoid big penalties, you must implement and enforce several steps.
1) It starts with making everyone aware of how important data breaches are.
2) Implement a monitoring system, where you can monitor each device in your network.
You can monitor:
- unauthorized use of computers
- intrusion attempts into your servers
- intrusion attempts by hackers into devices
- anti-virus/spamware status
- and much more
3) Perform vulnerability scans on a regular basis. Scans will keep you up to date on where the flaws in your network are and what the suggested solutions are.
4) Enforce strong passwords. Require passwords that:
- have at least 6 characters
- don't contain the user's name
- combine capital & small letters
- include symbols ($, ^, ! etc)
5) Install encryption programs on devices, so that if a loss does occur, the data will be encrypted and not accessible.
6) Keep devices and patches up to date. Patches contain the most up-to-date security fixes. Not updating your patches leaves doors open for intruders.
7) Set all devices to log off automatically when no one has been on the computer for longer than 20 seconds. People often forget to log off when they run to the restroom or go out for lunch. This leaves their workstations open for unauthorized use.
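One way to check a candidate password against the four rules in step 4, as an added example that is not part of the original post. The function names, the 3-letter minimum for name parts and the sample accounts are assumptions made for illustration.

```python
import re

MIN_LENGTH = 6  # the minimum stated in step 4
SYMBOLS = re.compile(r"[^A-Za-z0-9\s]")  # anything that is not a letter, digit or space


def name_parts(full_name):
    """Split a display name into lowercase parts of 3+ letters (assumed threshold)."""
    return [p for p in re.split(r"[^a-z]+", full_name.lower()) if len(p) >= 3]


def policy_violations(password, full_name):
    """Return the rules from step 4 that the password breaks (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    lowered = password.lower()
    # Case-insensitive match so "ONEIL" is caught for a user named O'Neil.
    if any(part in lowered for part in name_parts(full_name)):
        problems.append("contains the user's name")
    if not (re.search(r"[A-Z]", password) and re.search(r"[a-z]", password)):
        problems.append("needs both capital and small letters")
    if not SYMBOLS.search(password):
        problems.append("needs a symbol")
    return problems


# Constructed sample accounts, not real data.
SAMPLES = [
    ("Jane Doe", "jane2024"),
    ("Jane Doe", "Tr!ckyPlum9"),
    ("Mary-Ann O'Neil", "ONEIL$pass"),
    ("Jane Doe", "aB!1"),
]

if __name__ == "__main__":
    for name, pw in SAMPLES:
        print(name, "->", policy_violations(pw, name) or "ok")
```

Run the same check at password-change time so users see every broken rule at once rather than one per attempt.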
About Edson Monteiro.
Edson is a compliance & security specialist. As the President of Sentinel Digital Systems and author of the Tech-Source blog, he helps small businesses meet guidelines, saving them big bucks on penalties.