The Paradise Papers have caught everyone’s attention, but very few of us are addressing the fact that this incident reflects a serious lack of awareness when it comes to data protection.
Regardless of what has been revealed, the fact remains that a firm’s cyber security has been compromised, and data has been leaked.
News like this should serve as a warning to companies. Businesses should start reviewing their IT security immediately in order to prevent customer and staff information from being leaked.
Getting up to date
If a business is relying on outdated processes and systems, its security can be compromised easily – both from within and outside the company.
Challenges, such as staff reusing the same password and not updating the software, can create a porous enterprise where data can be easily stolen.
A commitment from IT to regularly update security firewalls can go some way towards keeping the company’s defences secure. At the same time, data leak prevention systems should be considered.
At a minimum, staff should be using multi-factor authentication to improve their passwords, and only keep classified documents on encrypted systems and devices.
Look beyond passwords
However, technology alone is not enough. All employees also need to be educated on how to spot, block and report suspicious activity to prevent data from being leaked.
They should feel comfortable raising any concerns about internal vulnerabilities and also recognise when an external threat is present.
Even responding to a seemingly innocent phishing email or falling for a convincing phone call can unintentionally provide all the details needed to access a company’s data. This means that a wealth of information can be stolen without the business realising it – because the IT network believes that these actions are being carried out by a verified member of staff.
Don’t be complacent
Data breaches like the Paradise Papers should never be ignored.
Updated security parameters are an easy way to bolster security in this area, but that is just the start.
It’s ultimately a combination of staff training, senior management accountability, and robust IT controls that will help keep a business secure and allow operations to continue as usual.