Top Ten Data Threats and How to Guard Against Them: Weak Due Diligence
Here at Futurex, we know a thing or two about data security. Most importantly, we understand that critical data is at the heart of any organization and protecting these assets from being compromised is essential. 2016 will bring new data threats to companies and businesses, and Futurex wants to help protect the health of your organization. Over the coming months we will present our own list of Top Ten Data Threats across the Globe and will offer solutions for organizations looking to bolster their data security infrastructure.
A strong business need for data security and encryption is present in every industry, regardless of scale and reach. We live in a digital world. If a business stores or transfers data digitally, whether through payments, e-mail, customer databases, etc., encryption is essential. For small and medium sized businesses, securing this data is often outsourced to third party service providers. In fact, it is estimated that by 2018 more than 50% of organizations will outsource their security infrastructure needs to third party vendors.* With so much data being secured outside of the direct parameters of a business we come to our second threat…weak due diligence of third-party data security providers.
The food industry provides a great comparison. Restaurants rely on food vendors to supply its kitchens. That third-party vendor, even the farmer who grew and harvested the food, plays a major role in the physical health of consumers and in the reputation of that restaurant. Although the farmer plays a critical role, the restaurant itself is ultimately responsible for serving its customers fresh, safe, delicious meals. The same can be said of data security. These vendors are at the heart of any organization, but ultimately the business is responsible for any data breach.
A key component in researching the right data solution provider is understanding government compliance and requirements. Security risks change and new threats emerge. Fortunately, academic research can predict the time it will take hackers and outside threats pose a risk to encryption algorithms. Government regulations reflect this information. For example, the value of certain older cryptographic algorithms has been deprecated, with newer technologies taking its place. Use of these algorithms may still be allowed, however the user accepts a level of risk by using them.* Eventually, they will be phased out completely, termed by government authorities as unsafe.
Bottom line—do you trust your data security provider?
Critical questions to ask Third-Party Providers:
- How long have they been in business?
- Do they have a proven track record for protecting critical data?
- Do their employees, data specialists, engineers and partners have the education and professionalism you require?
- Are their products and services in compliance with all government requirements and regulations? Do their products surpass basic requirements?
- Do they provide support after initial installation?
For questions or advice, contact a Futurex Solutions Architect—and stay tuned for our next installment of Top Ten Data Threats across the Globe.
*NIST Special Publication 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths