In 2021, we began to hear the news of data leaks from many companies. While some of this news was current, some of it had occurred months or even years earlier. But does this mean that data leaks have increased in recent days?
No. These types of data leakage attacks have been happening since the advent of the digital age in our lives. But since data leaks are hard to come by, we were hardly aware of it.
Now, in light of the laws published by regulatory agencies such as kvkk and gdhra, agencies experiencing data leakage are obliged to report it. So now we often hear the news of data leak attacks. So, what exactly is data leakage?
Data leakage is, in fact, information transfers and digital actions that are carried out maliciously or unconsciously, as the name implies, due to human error. In other words, it is called the removal of personal data from the organization by accidental or malicious persons.
Second-hand devices and data leaks should not only be considered corporate. There are also data leaks on second-hand devices where we cannot transfer their data correctly.
Based on research by a leading brand on the cybersecurity side, a review was carried out on second-hand devices. Devices that generally contained personal data also contained traces of corporate data. Researchers found that more than 16% of the devices had direct access, and applied file-craving to the devices. They reached the contents of the remaining 74% of the device. This showed that only 11% of the data was deleted properly.
The data reached by the researchers contained many items such as calendar records, company sources, meeting notes, personal photos, videos, access data, tax documents, medical information, internal documents, bank details, login credentials. This suggests that second-hand devices can be very dangerous when they meet malicious people and that numerous leaks of data about the person or organization can occur.
The subject of data leakage is one in which we may find ourselves in a difficult situation at a moment without realizing it. So what are the basic measures to take in this regard? There are 2 basic precautions that must be taken to support firewall and database security.
The first data classification It is the classification of data we call it. Since not all data is at the same level of privacy, data such as marketing materials can be easily shared with non-entities. Some data should only be shared with employees of the organization or only senior managers. Being able to organize this in a healthy way goes through the correct classification of the data.
Another precaution, dlp (data loss/leak prevention) systemn is the establishment. The dlp system is the defined system for identifying, protecting and monitoring data in motion and pending. In classified data, it more accurately determines the location of data in the overall workflow and regulates erroneous flows. However, complete protection should not be expected with these two systems, and it should be borne in mind that there is a precaution against data leakage.
Disclaimer: All rights to any articles and content published belong to Efilli Software. All or part of any content, such as text, audio, video, and even if the source is shown or the active link is provided, cannot be used, published, shared or modified.
