In the digital world data is the new gold. Today, almost all enterprises have an online presence. The business deals, the intellectual property, the discreet clauses in a deal and everything is created, stored and shared online. In such an age data protection naturally assumes the centre stage.
Random Malware Attacks
The coming of Artificial Intelligence (AI) based technologies proves to be a double-edged sword. On the one hand, it cuts open many new avenues of technologies and on the other, it gives an edge to hackers. The bots are very intelligent means of conducting cyber-attacks.
The memory of the 2017 WannaCry attack still gives chills to software engineers across the world. The WannaCry ransomware used the Windows SMB exploit, also known as EternalBlue. Once it attacked a computer, it locks all your files and encrypts them making it impossible to access. It also spreads into other computers connected through the network.
Rise of Mobile Technology
The Microsoft Build 2019 was a feast for what is in store for modern workplaces. The actionable messages, the Fluid framework, etc. projects a workplace that makes work more mobile. The workplace apps now allow multi-device capability thanks to the advancements in mobile app development.
However, with scenarios like BYOD (Bring Your Own Device), comes a higher risk of data security. Almost 90% of US employees use their own smartphones at work, and some 60% of companies never remove business data from their employees’ devices. Moreover, a stunning 50% of the companies face breaches through employee devices. These figures indicate only the tip of the iceberg.
A coherent BYOD policy is thus essential to ensure the protection of data at workplaces. This policy should address the following areas:
- Acceptable norms for device use in the workplace.
- Installation of the minimum required security in the devices.
- Extending of rights to the company to alter device settings, e.g. wiping business-related data.
Winning Customer Trust
Every business employs some means of data collection from its customers. It is one of the reasons companies move online to get to know customer preferences more closely. However, capturing of data comes the responsibility to store it securely.
A survey shows that 64% of the customers are unlikely to do business with a company where their sensitive data was stolen. Whereas, 50% of the consumers won’t do business with firms where non-sensitive information was stolen. Hence, data security is synonymous with brand loyalty in the contemporary digital world.
Lopsided Adoption of Technology
The uneven spread of the latest technologies is the most valid reason why companies should take up data security seriously. In Asian countries, especially the developing countries, the rate of adoption of the latest technologies is abysmal. The government offices and other public sector companies still run on Windows XP.
During the WannaCry attack, Microsoft had to launch an emergency patch for Windows XP users. But by that time, it had already spread to many computers across the connected network.
Data breach implies multi-dimensional challenges to a company. The cost of security break is perhaps the most significant dimension. Companies often are reluctant to share such data as it could negatively affect the brand name.
The survey showed that it took companies more than half a million US dollars to recover from a security break-in. In case of small and medium businesses (SMBs), it is about 30000 US dollars on average.
The cost can be classified into two types:
- Direct cost – Includes the professional services the company must hire to contain the attack. It also considers lost business opportunities and downtime in economic terms.
- Indirect cost – It is the cost that comes in building defenses after attacks. The companies invest heavily after an attack to prevent another security attack breach, and this indirectly affects their budget.
Organizations need to focus their attention more on accidental data leaks by their staff, phishing and malware attacks. These are the top three IT security threats, according to Kaspersky Labs.
Security is an existential question for enterprises in the digital ecosystem. The more online and centralized the data systems become, the more are the chances of hackers and anti-social elements to use data smuggling as a vantage point.