Data theft from inside a company is a growing challenge in the modern world. We now have an abundance of portable storage devices that provide an easy entryway for infection systems. A quick pop of a USB into a company’s endpoint, and a company’s private network of data is suddenly exposed.
Steps are being taken to ensure that this no longer happens, and it starts by securing endpoints – USBs, CD/DVD.s, Bluetooth connections, WiFi, and so on. The more ports you can protect, the safer your data is. There is some software available that can do just that as they provide file transfer logging services that can be set to different security levels for different staff.
In this blog, we look at three high-profile incidents that prove data loss prevention software is absolutely essential, and how it could’ve helped prevent the incidents from occurring.
This incident involves two of the of the world’s most well-known companies. The story is that an employee for Google downloaded thousands of files and attempted to sell them to Uber. This employee worked in their autonomous car division, which is now Waymo. Google sued, and the lawsuit had only just been settled earlier this year.
Thousands and thousands of top-secret data files were stolen by a simple file transfer on a USB. If data loss prevention software had been used, then this could easily have been avoided. Google could’ve put added security on USB devices and so only a few select people in the whole organisation had access to the files on that particular computer.
The second case comes from South Korea and is one of the largest-scale incidents of data theft on record. A whopping 20 million locals had their personal data stolen because an employee at the KCB was copying it onto a portable storage device.
Again, this is a classic example of how security software can step in and save the day. If the company used an endpoint protection software, they could block or restrict the access that portable storage device has to the computer. At the very least, they could use the software to gain reports on external devices and see that the employee kept using it and abusing the system.
The UK’s largest payroll company was hit by an internal data breach thanks to an employee that kept stealing it from computers. They logged into the computers and then extracted the data onto an external device. They eventually got caught, but plenty of customer data had already been stolen and was thought to be used for fraudulent purposes.
Again, data loss prevention software could’ve been put in place to ensure that no data could move off the internal computer onto the external device. This would’ve saved the company from having customer data stolen, which lead to a drop in their share price.
These are just the high-profile incidents, and this article doesn’t take into account the incidents that happen all over the world in small businesses. If you want to secure your company against insider data threats, then you need the best business software to do so. All these examples show that data loss prevention software is essential and could’ve prevented many incidents from happening.
CurrentWare’s AccessPatrol is a prime example of an extremely cost-effective software that will secure your endpoints and give you peace of mind that no expensive or damaging data breaches will occur in your business. With installation being extremely quick and easy, there is really no excuse for any business to go without this software.
AccessPatrol provides a comprehensive solution for securing company computers to restrict unauthorized access from personal external storage media to steal your company’s proprietary information.
Find out more here: https://www.currentware.com/accesspatrol/
The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.
These vulnerabilities need to be addressed as part of any insider threat management program. Click the button below to learn the best practices for protecting data during a termination and gain access to a downloadable IT offboarding checklist.
Cookie | Duration | Description |
---|---|---|
__cfruid | session | Cloudflare sets this cookie to identify trusted web traffic. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
JSESSIONID | session | The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application. |
LS_CSRF_TOKEN | session | Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed. |
OptanonConsent | 1 year | OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
_zcsr_tmp | session | Zoho sets this cookie for the login function on the website. |
Cookie | Duration | Description |
---|---|---|
_calendly_session | 21 days | Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar. |
_gaexp | 2 months 11 days 7 hours 3 minutes | Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_GY6RPLBZG0 | 2 years | This cookie is installed by Google Analytics. |
_gcl_au | 3 months | Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
Cookie | Duration | Description |
---|---|---|
_opt_expid | past | Set by Google Analytics, this cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that is being redirected. |
IDE | 1 year 24 days | Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile. |
NID | 6 months | NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads. |
test_cookie | 15 minutes | The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
_dc_gtm_UA-6494714-6 | 1 minute | No description |
_gaexp_rc | past | No description available. |
34f6831605 | session | No description |
383aeadb58 | session | No description available. |
663a60c55d | session | No description available. |
6e4b8efee4 | session | No description available. |
c72887300d | session | No description available. |
cookielawinfo-checkbox-tracking | 1 year | No description |
crmcsr | session | No description available. |
currentware-_zldp | 2 years | No description |
currentware-_zldt | 1 day | No description |
et_pb_ab_view_page_26104 | session | No description |
gaclientid | 1 month | No description |
gclid | 1 month | No description |
handl_ip | 1 month | No description available. |
handl_landing_page | 1 month | No description available. |
handl_original_ref | 1 month | No description available. |
handl_ref | 1 month | No description available. |
handl_ref_domain | 1 month | No description |
handl_url | 1 month | No description available. |
handl_url_base | 1 month | No description |
handlID | 1 month | No description |
HandLtestDomainName | session | No description |
HandLtestDomainNameServer | 1 day | No description |
isiframeenabled | 1 day | No description available. |
m | 2 years | No description available. |
nitroCachedPage | session | No description |
organic_source | 1 month | No description |
organic_source_str | 1 month | No description |
traffic_source | 1 month | No description available. |
uesign | 1 month | No description |
user_agent | 1 month | No description available. |
ZCAMPAIGN_CSRF_TOKEN | session | No description available. |
zld685336000000002056state | 5 minutes | No description |