Data security has shot to the top of the list of concerns for many businesses and organizations. The heightened level of concern and spending on improving IT security is a necessity given that cybercrimes are projected to account for over $10.5 trillion in damages annually by 2021.1 Let’s discuss some of the concerns related to data breaches and how businesses can protect their data more effectively.
Impact of data breaches
Statista states that in 2019, the number of data breaches in the US amounted to almost 1,500 cases with over 164.68 million sensitive records exposed.2 Data breaches are not only a pervasive problem for businesses and organizations but are also financially devastating. According to IBM, the total cost of a data breach is $3.86 million.3
In addition to disrupting daily business operations, data breaches can also have negative implications on the reputation of a business, both for current customers as well as when trying to market to future customers. In a PwC poll, over 69% of survey respondents believed that companies are vulnerable to hacks and cyberattacks.4 92% of the survey respondents also agree that companies must be proactive about data protection.5
Growing data security concerns
Data breaches can be caused by a number of factors, hacking being one of the major factors. A Verizon Data Breach Investigations Report pointed out that 52% of breaches featured hacking.6 There has also been an unprecedented number of hacking attempts since the start of the pandemic, with major pharmaceutical companies reporting that documents related to vaccine development have been “unlawfully accessed” in cyberattacks.7
Physical theft and loss of IT devices are also major causes of data breaches. As shown in a report by Verizon, physical data breaches accounted for almost 30% of data breaches in the finance industry.8 Remote work during the pandemic also raises concerns of stolen or misplaced devices. With more employees working from home than ever before, a greater amount of company owned data is accessible outside of company premises. Storage devices, laptops and more, are vulnerable to misplacement or theft.
Cloud-based storage has also become a target in many recent cyber-attacks. As HIPAA Journal notes, 70% of companies have suffered a public cloud data breach in the past year.9 When using the public cloud, businesses are placing their data under third-party control, so the right precautions need to be considered.
Building a stronger defense
It is important for businesses to utilize a multi-layered security approach when it comes to data security. Cyberattacks encompass a wide range of threats, which means the more sophisticated the defense, the more protection it offers. Businesses can beef up data security by using solutions such as:
Firewalls are the basic line of defense in cybersecurity. A dependable firewall should monitor and control network traffic effectively, helping prevent data breaches in general. It’s important to make sure that firewalls are enabled on both in-office devices as well as portable computing devices.
The utilization of data encryption is imperative in bolstering data security. According to IBM, extensive use of encryption was a top cost saving factor, reducing the total cost of a breach by a massive $360,000.10 Data encryption is also a baseline requirement for many organizations in the medical, financial and government industries.
Two types of encryption should be used to mitigate the risk of data breaches: filesystem-level encryption and full disk encryption. Filesystem-level encryption can be activated in the operating system and protects individual files in a running system.
Full disk encryption on storage devices is designed to protect at-rest data. Storage devices like SSDs with built-in AES (Advanced Encryption Standard) encryption utilize encryption algorithms to generate a DEK (data encryption key) and convert data into ciphertext, preventing perpetrators from reading decrypted data should the device fall into the wrong hands.
MFA (Multi-factor authentication) adds extra layers of security in protecting your data by requiring multiple user verification checks to grant access. MFA can involve knowledge factors (such as a password), possession factors (such as a software token on a mobile phone), biometrics (such as a fingerprint or voice recognition) and user location. MFA can protect users against cyber threats such as phishing, password brute-force attacks, keyloggers and other threats.
Reliable anti-virus software can protect systems against malware, ransomware, backdoors and other kinds of malicious software.
Hybrid cloud adoption
Hybrid cloud addresses privacy concerns related to cloud-based attacks. As discussed in our 2021 IT trends article
, hybrid cloud enables businesses to retain control of their data with on-prem data centers and utilize cloud as a redundancy to local storage.
Axiom is always ready to help
For over 25 years, Axiom has been a leader in helping businesses build secure, high-performance IT infrastructures. As THE OEM Alternative®, Axiom delivers OEM-equivalent or better performing solutions at a fraction of the cost, enabling businesses to invest more on strengthening cybersecurity.
Axiom offers high-capacity storage solutions, including SSDs with AES 256-bit encryption and TCG-Opal 2.0 compliant SSDs, as well as HDDs, flash drives and SD cards, all of which adhere to the highest standards of data security.
To view our list of storage solutions, click here