Courion Corporation

Biggest Data Theft Threat?

A couple of newly released studies on data theft are contradicting the avalanche of recent data suggesting that "insider" security attacks were more prevalent in 2008 than external hacking.  While it's interesting to note that insider breaches continue to be much more damaging, the 2^nd annual Verizon Business Breach study (a complete PDF copy of which is available here: http://tinyurl.com/c59gjo) found that 64% of breaches were external hacks that resulted from third-party remote access of default credentials.   The Verizon Business study includes recommendations for bolstering access controls, including frequent changes to default credentials, limiting shared credentials, regular review of user account privileges, and ensuring effective termination procedures.

In addition, the Computing Technology Industry Association's (CompTIA) 7^th annual security research study revealed that while a significant number (31%) of respondents said their breaches came from inside their companies (whether accidental or malicious), the majority of breaches were still caused by external attacks. 

It's interesting to note that after all the increases in security spending, businesses are still finding themselves vulnerable when it comes to their ability to prevent unauthorized access.  As the Verizon Business study points out, "87% [of breaches] were considered avoidable through simple or intermediate controls." 

The bottom line here is that whether you're talking about internal or external threats to corporate data, companies need to be sure to constantly review their access assurance policies and identify the right processes to ensure that access to default credentials are locked down.  After all, criminals will usually take the path of least resistance, and unfettered access fits that description all too well.