What’s the penalty for losing a 100-million strong customer database?
Have you read the recent article by Warwick Ashford (Security Editor, ComputerWeekly.com) (1) on the settlement that US retail giant Target paid for the 2013 data breach? Well, on records, it summed up to $220 million including legal fees and other associated costs. Maybe it was more
However, what is of importance here is that one fundamental question: How did the data get out? Ostensibly, the credentials of a ‘heating, ventilation and air conditioning’ contractor from Pittsburg were stolen. Using the credentials, the cyber criminals gained access to Target’s database, which included “customers’ full names, phone numbers, email addresses, home addresses and payment card data such as expiration dates, encrypted security codes and encrypted PINs.”
In early 2014, the Retailer’s IT department affirmed that the established IT security system had raised a high volume of alerts. However, due to the incredibly high volumes, the alerts were ignored. In March that year the CIO, Beth Jacob, resigned followed by the chairman Gregg Steinhafel soon after.
Authentication alone will not do. Constant monitoring is necessary.
While this definitely raises the need for a strong multi-factor authentication system for those who are within the system, what is equally, if not more, important is a robust and fool proof mechanism that constantly monitors data flow – uploads, downloads, formats, time and across every other vital parameter.
While on hind sight it seems plain enough, why wasn’t a ‘context aware’ monitoring system in place? In other words, what need did a ‘heating, ventilation and air conditioning’ contractor from Pittsburg have for a 100-million strong customer database?
A broader perspective
This is just one example of a big brand affected by data breach. What about the many others that we are partially or totally unaware of? Every single industry uses data today to power operations and commerce. Clichéd it may be, but data is the new oil.
Are you aware of what happens to your priceless data? Who accesses it? Who downloads it? What happens when it goes outside your secure SAP landscape?
Most often than not, the answer is NO. But that’s not strange considering old classification paradigms in use. The answer is in not being aware of your data downloads based on ‘content’, but by ‘context’.
HALOCORE’s® enhanced logging and auditing features allow enterprises to isolate their internal threats and reduce the risk of unwanted information exposure. All data download and extraction activity from SAP is aggregated into a fully customizable audit log, which can be extracted to powerful tools such as SAP Business Intelligence and Analytics solutions.
HALOCORE® provides a seamless classification experience for any data extracted from SAP. HALOCORE® intercepts the data being downloaded from SAP and applies fully customizable labels to the document metadata. HALOCORE® ensures consistent and proper handling of documents downloaded from SAP throughout their life cycle.
So if you think your SAP data is truly secure, think again. You might have left a window open.
(1) Warwick Ashford, ‘US retailer Target agrees $18.5m data breach settlement’, ComputerWeekly.com, 24 May 2017