Cybersecurity company Risk Based Security recently issued a summary assessment of the state of data protection for the first half of the year. The outfit’s 2021 Mid Year Report: Data Breach QuickView report offers a bunch of statistics and contextual analysis that isn’t surprising for anyone who has been paying attention, but is informative.
The primary takeaway is that, while “hacks” are down overall in the U.S. (1,243 compared to 1,252 for the first half of 2020), ransomware attacks are up. Way up. Out of all breaches, 352 included malware as a component of the attack, the report states.
Prevent the Preventable
Big breaches get attention, and dramatic breaches get a lot of attention. But one aspect of the report we found interesting was the prevalence of “insider” data breaches. Worldwide, of 1,767 total breaches, 243 (13.7%) were attributed to insiders, and of the 243, 143 (58.8%) were accidental and 55 (22.6%) had no known cause. The rest were the result of malicious insider shenanigans, which means as many as 81.4% of insider data breaches were the result of mistakes or technical errors—most of which are preventable.
How do you prevent or minimize the chance of a data breach that is the result of a mistake? One way is by automating the file transfer process, including encrypting data in motion. Software automation, also known as robotic process automation (RPA, which we recently wrote about), minimizes the propensity for human beings to make mistakes performing the kinds of repetitive tasks that file transfer requires. That’s because RPA doesn’t get sick, bored, distracted, frustrated, angry, or simply succumb to the phenomenon of having a bad day. RPA does what it is programmed to do, when it is programmed to do it.
When someone makes a mistake during the process of sending medical files, breaches occur.
When someone makes a mistake compiling and mailing tax forms, breaches occur.
When someone misconfigures the settings in a cloud storage system, breaches occur.
Horrible, Embarrassing, Expensive
Whether the transfer of sensitive medical records, legal files, intellectual property, financial records, or any other information that has a compelling reason to be protected is a one-time event or one that occurs on a regularly scheduled basis, there are steps that must be taken to ensure the information is protected.
- Is it the correct file?
- Is it going to the correct location or recipients?
- Is it encrypted?
- Is there an auditable record of the transfer?
- Is there a confirmation of the task’s successful completion?
These are all simple things that any competent person can do. These are all simple things that any competent person will do 99% of the time. But the one time it doesn’t happen might be all it takes for things to go horribly, embarrassingly, and expensively wrong.
Secure, managed file transfer won’t solve all of your data management problems. But when you have to move sensitive files from your server or cloud storage service to another location, it can be a vital component in making sure it happens the way it is supposed to. And even when someone is having a bad day, Diplomat MFT will see to it that it doesn’t get any worse.
