After the recent news about UK-based firm Cambridge Analytica’s relationship with Facebook, every common man learnt about the term ‘data breach’. This recent news generated headlines that stimulated a stormy conversation about the responsibilities of social media companies, application developers, and individual users in ensuring the ethical use of data.
The American company told the Union government that “a total of 5,62,455 people in India” were potentially affected by the unauthorized sharing of data, with UK-based Cambridge Analytica.
Facebook in its response to the government’s notice admitted that 335 users in India had installed the personality quiz app ‘thisismydigitallife’ through which their information was collected and compromised. A total of 5,62,120 additional people in India were potentially affected by the data breach, as friends of people who installed the app, the social network said.
In last few years, incidents of data leaks have been increased in India. Data breach incidents in India have been higher compared to the global average, according to the Thales Data Threat Report 2018. Lack of strong data protection and privacy regulations have made India highly vulnerable.
There are various causes of enterprise data breach. Below are some of the common and major causes:
External threats –
External threat is the biggest cause of enterprise data breach. External threats include malware attacks like virus, trojan horse, spyware, keyloggers, etc. These malicious softwares are used to compromise system’s functionality in order to delete or steal valuable data.
Human error –
Human error accounts for one of the major causes of data breach and identity theft. Human error is an innocent mistake. Human error incidents include,
• Sending confidential information to the wrong recipient or on wrong email address.
• Unknowingly sharing passwords or using weak passwords
• Loss of paperwork
• Falling victim to phishing or vishing scam
Even though human error is an innocent mistake, it can put an enterprise at great risk. Human errors can be prevented up to large scale by providing employee training and educating them about data security measures.
Insider misuse –
Insider misuse is close to human error but it is done intentionally whereas human error is unintentional. Insider misuse of data is done by internal member of an organization typically with an intention of personal benefit. No doubt it impacts functionality of an organization but often, the diameter of the damage is limited to the department or network of the employee who has conducted the fraud due to limited access. It is impossible to completely prevent internal misuse of confidential data, but it can be recovered up to certain extent.
Physical theft –
One of the severe causes of data breach is physical theft of corporate assets which have stored sensitive information. These assets include pen drives, CDs, DVDs, hard disks, laptops, smart phones or tablets. These devices must be password protected and data should be encrypted to lower the damage.
Preventing identity fraud and data breach completely, is impossible. But protecting your data is in your hands. Hence these days, many businesses are taking preventive approach towards data breach by undertaking certain key measures.
By educating employees about data security measures like how to generate complex passwords, risks involved in password sharing, how to encrypt sensitive data, awareness about malware and phishing attacks, and giving limited access to employees can lower the chances of corporate data theft.
Last but not the least; consider using strong anti-malware softwares which can protect data from external threats. Consider using best identity protection programs like ‘Cyberior Digital Identity Protection’ which gives comprehensive protection to your digital identity.