Data Privacy and the Role of IT and Tech Support with the Issues that Comes with it

Posted February 28, 2019 by Jacklyn Cañalita

What if one day you’d find out that your organization’s data were accessed by someone who do not have the authority? All the confidential files… sensitive information… everything were hacked.

Along with the revolutionizing digital environment comes with arising attacks on data. In fact, different organizations in the Philippines have suffered from this horror for the past couple of months. This security incident is called “Data Breach.”

So, you might be pondering right now as what you need to do when this happens.

Panic? Cry? Sleep and hope that these were all just a nightmare? Blame others?

Don’t be! Because our job, at i4 Asia Incorporated is to keep your data safe and protected. From data breaching attempts and hacking, we can save you the headache to keep your system running. We are here and are willing to work with your IT team to find the best data security solutions that fit your needs and your budget without causing interruptions in your daily work life.

 

If you are wondering why and how this happens and how to avoid them, just keep on reading.

Privacy is protected by various local laws and international treaties, that’s why it is alarming to think that this keeps on happening. Data breach is not always caused by an outside hacker. Here are the other reasons:

  •  There is an unauthorized insider who accidentally viewed the files and data.
  •  A sensitive data is disclosed through mistakes or negligence.
  •  An authorized insider intentionally accesses the data to damage an individual or organization.
  •  An unlocked device or external hard drive containing a sensitive information and confidential files went missing.
  •  An outsider maliciously collects information from an individual or a network.

So, how does data breach occur?

  • The attacker studies the weaknesses of their target to exploit: employees, systems, or the network; involving long hours of research or creeping on employee’s online networking profiles to perceive the foundation the organization has.

  • The attacker then initiates contact through a network-based where the attacker takes advantage of the target’s weaknesses like SQL injection, vulnerability exploitation, and session hijacking; or social attack where the the attacker uses social engineering strategy to creep in the target network like implicating a maliciously generated email to phish information.

  • Once the attacker is free to get the data from the network, they will use them for either blackmailing or cyberpropaganda that can carry out more damaging attacks on the target infrastructure.

A data breach can have a devastating impact on the reputation of an organization and financial bottomline. And because of this, big companies are being linked today with a data breach rather than their actual business operations.

Here are few things to do to prevent becoming a target:

  •  Update software as soon as option is available.
  •  Make sure to encrypt all sensitive data.
  •  Upgrade software when it is no longer supported by the manufacturer.
  •  Impose strong credentials and multi-factor authentication.
  •  Educate and train employees the right ways to handle threats when encountered.

 

Any organization could be a victim of an attack at a certain point. The aim is to keep the attempt away from turning into a data breach. Understanding what to do and who to call when this occur is the name of the game.

 

Jacklyn Cañalita