It seems as though not a day goes by without a headline screaming that some organization has
experienced a data breach, putting the business – and its customers and partners – at risk. To keep your
own organization out of the news, it’s important to understand the most common causes of data
breaches and what you can do to mitigate the threats they present.
- Weak and Stolen Credentials, a.k.a. Passwords
Hacking attacks may well be the most common cause of a data breach but it is often a weak or lost
password that is the vulnerability that is being exploited by the opportunist hacker. - Back Doors, Application Vulnerabilities
Why bother breaking the door down when the door is already open? Hackers love to exploit software
applications that are poorly written or network systems which are poorly designed or implemented,
they leave holes that they can crawl straight through to get directly at your data. - Malware
The use of both direct and in-direct Malware is on the rise. Malware is, by definition, malicious software:
software loaded without intention that opens up access for a hacker to exploit a system and potentially
other connected systems. - Social Engineering
As a hacker, why go to the hassle of creating your own access point to exploit when you can persuade
others with a more legitimate claim to the much sought-after data, to create it for you? - Too Many Permissions
Overly complex access permissions are a gift to a hacker. Businesses that don’t keep a tight rein on who
has access to what within their organization are likely to have either given the wrong permissions to the
wrong people or have left out-of-date permissions around for a smiling hacker to exploit! - Insider Threats
The phrase “keep your friends close and your enemies closer” could not be any more relevant. The
rogue employee, the disgruntled contractor, or simply those not bright enough to know better have
already been given permission to access your data; what’s stopping them from copying, altering, or
stealing it?
- Physical Attacks
Is your building safe and secure? Hackers don’t just sit in back bedrooms in far-off lands, they have high
visibility jackets and a strong line in plausible pattern to enable them to work their way into your
building and onto your computer systems. - Improper Configuration, User Error
Mistakes happen and errors are made.