3 High Profile Incidents That Highlight the Need for DLP Software

Data theft from inside a company is a growing challenge in the modern world. We now have an abundance of portable storage devices that provide an easy entryway for infection systems. A quick pop of a USB into a company’s endpoint, and a company’s private network of data is suddenly exposed.

Steps are being taken to ensure that this no longer happens, and it starts by securing endpoints – USBs, CD/DVD.s, Bluetooth connections, WiFi, and so on. The more ports you can protect, the safer your data is. There is some software available that can do just that as they provide file transfer logging services that can be set to different security levels for different staff.

In this blog, we look at three high-profile incidents that prove data loss prevention software is absolutely essential, and how it could’ve helped prevent the incidents from occurring.

Uber and Waymo

This incident involves two of the of the world’s most well-known companies. The story is that an employee for Google downloaded thousands of files and attempted to sell them to Uber. This employee worked in their autonomous car division, which is now Waymo. Google sued, and the lawsuit had only just been settled earlier this year.

Thousands and thousands of top-secret data files were stolen by a simple file transfer on a USB. If data loss prevention software had been used, then this could easily have been avoided. Google could’ve put added security on USB devices and so only a few select people in the whole organisation had access to the files on that particular computer.

Korea Credit Bureau

The second case comes from South Korea and is one of the largest-scale incidents of data theft on record. A whopping 20 million locals had their personal data stolen because an employee at the KCB was copying it onto a portable storage device.

Again, this is a classic example of how security software can step in and save the day. If the company used an endpoint protection software, they could block or restrict the access that portable storage device has to the computer. At the very least, they could use the software to gain reports on external devices and see that the employee kept using it and abusing the system.

Sage

The UK’s largest payroll company was hit by an internal data breach thanks to an employee that kept stealing it from computers. They logged into the computers and then extracted the data onto an external device. They eventually got caught, but plenty of customer data had already been stolen and was thought to be used for fraudulent purposes.

Again, data loss prevention software could’ve been put in place to ensure that no data could move off the internal computer onto the external device. This would’ve saved the company from having customer data stolen, which lead to a drop in their share price.

These are just the high-profile incidents, and this article doesn’t take into account the incidents that happen all over the world in small businesses. If you want to secure your company against insider data threats, then you need the best business software to do so. All these examples show that data loss prevention software is essential and could’ve prevented many incidents from happening.

CurrentWare’s AccessPatrol is a prime example of an extremely cost-effective software that will secure your endpoints and give you peace of mind that no expensive or damaging data breaches will occur in your business. With installation being extremely quick and easy, there is really no excuse for any business to go without this software.

Checklist: 7 things any good data loss prevention software should be able to do:

1. Control access to external devices – of course!!
2. Log file transfer across devices – file activity tracking allows administrators to monitor the movement of proprietry data to external devices. This gives admins full visibility of files moving from the network to the USB sticks, without imposing policies that restrict device usage.
3. Track file transfer activity when users are both offsite and on-site.
4. Schedule device restrictions at specific times of day – this gives the software flexibility to allow for certain instances when files need to be transferred.
5. Send Email Reports – device reports should be sent directly to the administrator’s inbox, so that any issues can be dealt with in real time.
6. Operate in Stealth Mode – in some situations it may be important that users do not know they are being monitored.
7. Set different security levels – the software should be able to provide access to certain files to some employees whilst not enabling others.

AccessPatrol provides a comprehensive solution for securing company computers to restrict unauthorized access from personal external storage media to steal your company’s proprietary information.

Find out more here: https://www.currentware.com/accesspatrol/

The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.

• 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement
• 88% of IT workers have stated that they would take sensitive data with them if they were fired
• 72% of CEOs admit they’ve taken valuable intellectual property (IP) from a former employer
• 50% of respondents in a Symantec survey say they have taken information, and 40% say they will use it in their new jobs

These vulnerabilities need to be addressed as part of any insider threat management program. Click the button below to learn the best practices for protecting data during a termination and gain access to a downloadable IT offboarding checklist.