By now, you have probably heard about the Panama Papers Leak, which leaked (and continue to leak) the names of high-profile persons who used fake companies to hide their wealth and/or avoid taxes.
The huge data leak, around 1.5 million documents were leaked from law firm Mossack Fonseca, which exposes how the rich and powerful allegedly hide their money across the globe.
The 11.5m files, which date back as far as the 1970’s, were obtained from an anonymous source by Süddeutsche Zeitung – a German newspaper. They were then passed on to the International Consortium of Investigative Journalists (ICIJ), a US-based group, and then distributed to various journalists and media organizations worldwide for analysis.
How these files were obtained remains a mystery. But it’s safe to assume that it was an inside job, which required privileged access to this huge amount of data. The anonymous source offered the 2.6 terabytes of data, which surpassed the combined total of the Wikileaks Cablegate, Offshore Leaks, Lux Leaks, and Swiss Leaks.
Prevention is better than cure; so you might as well get in touch with Sysfore to know more about securing your cloud data.
So how safe is your Data??
Can anyone with IT privileges and access get hold of your data? Where does your organization’s data security figure in this chaos? There are too much data, and too many ways for security breakdowns to occur. What will your company do to prevent these breakdowns?
It is this question that should be garnering more attention, especially for anyone who has to handle IT or security duties.
One possible theory circulated on how the Panama Papers breach happened is due to the sloppy patches and outdated plug-ins.
Mossack Fonseca uses WordPress on its main website and Drupal on the customer portal for sharing sensitive information, and both Its Drupal and WordPress sites were outdated, according to an extensive analysis by the team behind WordFence, a WordPress security plug-in.
Lessons learned from the Panama Paper Leaks:
There are fundamentally two key aspects to securing data:
- Access – who has the right to the data. Broadly speaking, this is authentication (user id, password, and perhaps other methodologies and validations).
- Protection – who is the guardian of the data. Who is responsible for the data. What precautions are taken, should someone break into a server, or an unscrupulous employee copy the data.
This wake up call to data security has made organizations take extra precautions and upgrading their existing security measures.
Prioritize your data – Know what data is valuable to you and your customers; set data protection depending on it. Set up Identity and Access Management (IAM) for all levels of your personnel and ensure it is not violated. You can use either Amazon or Azure Cloud IAM.
Data Redundancy and Replication – Spread your data across multiple infrastructures and locations to protect your information. Ensure latest technologies is employed and phase out your old legacy defenses and networks.
Educate employees – Train your employee about the latest security software, its use, recognize and spot the leak, block and report any suspicious attack.
The Panama Paper Leak is just the tip of the iceberg. If organizations want to safeguard their data in the future, the must bolster the perimeter, engage different authentication methods, educate employees and understand the strategy needed in a world where data, specifically stolen data, could be the end for your business and reputation.
You can employ Sysfore’s expertise in Cloud Security to boost your data security measures.
Give us a call at +91-80-4110-5555 or mail us on info@sysfore.com, to know more.