Cloud Security 101: Data Breach Training Can Save Millions
Data security has been a hot topic in recent years as more big name organizations report costly data breaches. Equifax, Sony, Capital One and Targetare among several billion-dollar corporations to lose sensitive data at the hands of cyber criminals.
As a result, security teams all across the world are scrambling to protect their own corporate data with enhanced cloud security. Yet more data breaches are being reported at a faster rate than ever, and the statistics are staggering:
- The United States is the No. 1 target for hacks, according to Norton by Symantec
- Juniper Research in 2018 indicates the United States will account for more than 50% of hacks by 2023
- Forbes reports data breaches could result in an estimated $6 trillion in damages by 2021
- The first six months of 2019 has seen more than 3,800 breaches with 4.1 million compromised records.
An even more shocking statistic is that the majority of all data breaches are a result of employee misuse or error. Let's talk about one of the more notorious hacks in recent years. In 2013, the American retailer Target fell prey to one of the most infamous and costly data breaches ever reported with an estimated cost of 148 million dollars and 110 million affected accounts— and growing. In this case, the hackers actually gained initial access by phishing credentials from a Target employee. That same year, Yahoo suffered a breach that hit at least 3 billion user accounts in the same year.
What's more, as a ZDNet article points out, many companies don't realize they've been hacked for at least 6 months. A lot of damage can be done in this time between the actual breach and discovery of the crime. Data breach threats are real.
In fact, these incidents are a perfect example of why end user education is critical when protecting corporate data. Had the employee been properly informed about cyber security, the data breach would likely have never happened. So how do we educate our employees to work safely in the cloud?
Providing data breach training to your end-users about the following critical topics can significantly reduce your chances of data loss.
- Phishing: Train end users how a phishing email appears, and what steps to take if they think they are being phished.
- Password Hygiene: Explain the differences between strong and weak passwords, and other “best practices” such as not using the same password for multiple sites.
Multi-factor Authentication: Make multi-factor authentication available when possible — and teach your employees how to enable it.
- Mobile Device Security: Train or require employees to encrypt their devices and lock them with a PIN or pattern match.
At Onix, we strongly believe in the importance of user education and data protection. We promote the most secure cloud solutions on the market, but they are only as secure as our customers’ end users. To bridge that gap, we’ve developed a cybersecurity program designed to train your users and protect your data from any breach.
Onix Cybersecurity Offering
- Penetration testing to gauge your organization’s susceptibility to phishing attacks
- End user surveys to rate the overall security status of your company
- Instructor-led security training for your end users
- An instructional Intranet security site customized for your company
- Email templates to send to your employees
- A printable series of posters to display in your offices.
We also work with such partners as Actifio, Amazon Web Services, BetterCloud, Checkpoint and Google Cloud to enhance the solutions we provide through technological innovation.
This article is has been updated from the original, which was published on Feb.9, 2015.