Data Security: Part 2
Oct 12, 2015
Data theft: it’s a universally challenging IT security threat, and for the modern financial services company it represents an always evolving one that must be robustly managed and protected against.
Data theft – A particularly relevant threat for the financial services company
Data theft within any commercial realm represents a serious and always relevant threat upon the IT security landscape, however within the financial services realm it of course represents not only the potential for financial loss, but also for the loss of legally protected data, not to mention the potentially company ending loss of good will that would be accompanied with each.
The ever evolving world of IT security threats
One of the very first elements of IT security to truly grasp is that it is a realm that never stops evolving and just as tech experts can advanced in their protective measures, equally cyber criminals find new and evolved ways of compromising systems. The perfect example of which, at least within the data theft realm, is that of Spear Phishing, which has evolved from its less sophisticated counterpart of Phishing. And this particular method of security threat we look at next.
Phishing, Spear Phishing and a method that fooled a leading security company
There is no better an example of just how effective Spear Phishing can be than the case study of EMC (a subsidiary company of Global security firm: RSA). Various employees within this firm, most notably within the company’s HR department, were targeted with a file named simply ‘2011 Recruitment plan.xls’. Upon being opened a virus was introduced to the systems throughout the company, unlocking a critical backdoor which remained open to allow for the stealing of data that would eventually lead to US defence bases, and their employees, being compromised.
Data theft: Other threats upon the horizon
Beyond Spear Phishing there exists an almost innumerable amount of ways in which data can be stolen, however most commonly the typical company faces the following tactics:
- Hardware theft – For the financial services company this may be a complicated threat to protect against, particularly where many employees undertake remote working;
- Password cracking – Password cracking is subject to an extensive array of methods, however most common (and most underappreciated of all) is the human element of passwords, where obvious words and phrases are chosen, and where other bad practices are undertaken (such as password sharing, leaving computers unlocked and not changing passwords frequently).
- Eavesdropping – Eavesdropping is a technical method that involves the theft of data sent over insecure lines. To overcome this data must be encrypted.
Couno have been protecting the data of some of the world’s most important financial companies for in excess of 40 years. With Couno, your data truly is in the very best, most experienced and advanced of technological hands. Talk with the Couno Security team today about how your data can be amongst the most well protected on the industry.