Recently, a Tesla insider (two former Tesla employees) leaked confidential Tesla data including Personally Identifiable Information (PII) data. This included people name, address, phone number and social security numbers.
Tesla offered 12 months of Experian’s Identityworks credit monitoring to all those who were affected. Luckily, the foreign outlet to whom the information was sold, did not misuse it. (News here and here)
How Tesla could have avoided this Insider data breach?
There are only a few possible ways in which this information got in the hands of these two employees. Firstly, if they had access to production data or reports that allowed them to have this PII information. Secondly, this information was unmasked in the Non-prod environment, and they were able to get it from there. Ofcourse, allowing to have this information downloaded on their personal devices itself was a big cyber security flaw.
We can help you with #1 – by helping you create roles and data security in Production so that user can not access critical data without proper authorization.
Kloudstage Can help you secure your non-prod environment by masking the data – including Date of Birth, SSN, email, addresses, marital status – more than 20 entities that can be masked and secured. And this masking works in a way that you can still use this data for testing and transaction – without the risk of getting compromised.
For a Kloudstage demo, click here