As organizations increasingly rely on cloud apps and services and store more data, implementing proper practices and processes is essential to mitigate risks such as unauthorized access, data leaks, and compliance violations. Organizations can help avoid these challenges by adopting several best practices, including data encryption, zero-trust architecture (ZTA), regular compliance and security audits, scheduled backups, ongoing training and education, third-party checks, and dedicated maintenance.
As technology evolves, so does the sophistication of hackers. Today, if a company’s security is breached, those with a great deal of financial or personal user information are more prone to ransomware if robust security practices are not already in place. This is why regulations such as the California Code of Civil Procedure (CCP) and the General Data Protection Regulation (GDPR) require many companies to protect users’ data better, and if they don’t, they are subject to heavy fines. In addition, customers are likely to stop trusting an organization, particularly financial institutions or healthcare organizations, with sensitive, personal data once its system has been breached.
According to the Hiscox Group 2024 Cyber Readiness Report, nearly half (47 percent) of affected businesses reported difficulties attracting new customers following a cyberattack, more than double the rate reported the previous year (20 percent). Additionally, 43 percent of companies lost existing customers (up from 21 percent), and 38 percent suffered negative publicity (up from 25 percent). “Businesses invest years and significant resources to build their reputations, only to see them compromised within minutes during a cyber-attack,” said Hiscox Chief Information and Security Officer Eddie Lamb. “Continuous cyber education and awareness across all levels of an organization are essential to maintaining security.”
To maintain trust with customers and stakeholders, it’s crucial for companies to safeguard data integrity. While no system is 100 percent foolproof, recognizing some of the main ways hackers can access data is the first step in correcting them. Methods include accessing systems through stolen credentials, non-compliance with GDPR or CCPA regulations, insufficient encryption, weak passwords, and vulnerabilities in third-party integrations. Today’s hackers can even track keystrokes to access data.
One issue that has wreaked havoc in companies is leaks due to weak authentication because of misconfigured cloud storage or apps that have allowed hackers to retrieve company data through access to admin privileges. This huge vulnerability was made evident in March 2019, when Capital One Bank was the victim of a significant cloud data breach due to misconfiguration, and the company was hacked by a former Amazon Web Services (AWS) employee. The institution was forced to pay out $190 million to customers whose data was stolen and an $80 million fine for not undertaking a thorough risk assessment before moving its operations to the cloud and not rectifying the issues promptly.
Similar breaches occurred at other major companies that were found to be negligent when securing their cloud storage, including T-Mobile in 2021 and Apple also in 2019. These breaches highlight the need for more robust security guardrails, particularly as a Gartner survey predicted that more than 95 percent of digital workloads will be deployed in cloud computing environments by 2025.
A proactive approach
While these examples are disconcerting, on the positive side, there are several approaches companies can use to shore up their security and proactively identify potential vulnerabilities. Various third-party vendors or services can help companies look at their infrastructure and how they handle their security. They provide audits and compliance reports, delineating what new systems should be implemented, what needs to be improved, and what is outdated. For smaller companies, Amazon Web Services (AWS) security hub and inspector and Microsoft Azure’s (MSFT) defender for cloud have built-in tools to detect potential security issues that can be run internally through a company’s IT department.
There are also a variety of monitoring systems, including intrusion detection systems (IDS), security information and event management (SIEM), and data loss prevention (DLP). These programs log access into systems and allow companies to reverse engineer breaches to discover what credentials were utilized in the hack and potentially determine which people were involved.
Never trust, always verify
The tools employed by each company are necessarily driven by the organization’s size, budget, and sensitivity of information in its possession. A robust system employing ZTA is key. Working on the premise “Never trust, always verify,” ZTA ensures that no company’s systems or workers are automatically trusted. ZTA demands continuous evaluation and verification through various protocols, including implementing multifactor authentication for identity verification through Identity and Access Management (IAM). This allows companies to determine which employees have permission for specific functions and ensures that nobody can access everything by default. Additionally, IAM can create timed permissions that can be set to expire every few months or even every few days. Organizations can also ensure they use real-time backup solutions that incorporate disaster recovery with encrypted data at rest using programs such as the advanced encryption cipher (AES)-256 and in transit using a protocol like transport layer security (TLS), so the data is always protected.
One of the most cost-effective methods to secure data is employee training via in-person sessions or training videos that address best practices, including reminding workers not to share data. Companies can also use practical methods with workers by sending a simulated phishing attack to see which employees fall for them and then explain how to spot these in advance. In that vein, companies can also ensure they are using sophisticated email clients with built-in phishing detectors.
With the rise in hackers accessing entire security systems, it’s crucial for employee training to be one of the first and strongest lines of defense. Companies can address potential breaches by determining which employees have access to which data and training them on what to monitor. Vigilance and adoption of ever-sophisticated tools will assist companies in thwarting hackers and quickly determining when their systems have been hacked and how to prevent further issues.
Disclaimer: The views expressed in this article are those of the author and may not represent the opinions of his employer.
About the Author
Hardik Shah is a Software Engineer at Microsoft Corporation, where he works in research and development for Microsoft OneDrive Sync. He is responsible for developing and maintaining sync algorithms using C++ and led a project to migrate 300M+ live users by developing migration sync algorithms, ensuring data integrity and security. Hardik holds patents in the space and has also contributed to the development of MyCase Drive. He holds a bachelor’s degree in computer engineering from the University of Mumbai, India, and a master’s in computer science from Northeastern University in Boston, Massachusetts. Hardik can be reached at [email protected] on LinkedIn and www.microsoft.com.
