We hear a lot about protecting our businesses against data breaches and threats from hackers. Such vigilance certainly isn’t unwarranted; the annual IBM/Ponemon Institute study on the Cost of Data Breaches estimated that the average cost of a data breach in 2018 was $3.86 million, and the probability of any organization experiencing a breach involving at least 1,000 individual records within the next two years is 27.9 percent [1].
The odds of it happening to CIOs directly are roughly 33 percent. But despite the amount of attention given to keeping external hackers out, most data breaches originate somewhere often overlooked: from within the company itself.
In fact, according to the same study, 60 percent of breaches are inside jobs, and not the work of remote thieves hacking their way into your business network. The motives for such jobs vary, but the classic case of an employee trying to steal some manufacturing secrets and make off with their employer’s intellectual property is still commonplace. Just look at the recent incidents at Silicon Valley giants Tesla, Uber and Facebook to see the kind of intellectual property theft that occurs [2].
Disgruntled and Dangerous
Corporate espionage and intrigue aside, not all inside hackers are trying to make off with tons of insider information with which to make a profit. Many are simply disgruntled employees trying to exact revenge on their former employers and give them a few headaches to deal with as they make their ungraceful exits. Former employees deleting sensitive and important data, resetting system passwords and even crashing the network in their final minutes on the job has become the stuff of office lore.
Such behavior seems petty (and is), but the effect it can have on an organization and system performance is no laughing matter. Data breaches are expensive (the $3.86 million figure standing out), but the costs associated with rebuilding data that is no longer there can be even worse. Considering the sheer amount of data organizations now rely on (especially in online retail), operations can be disrupted and delayed for days or weeks while missing data is recovered and the system restored to full functionality. When this exact scenario happened to bootmaker Lucchese in 2016, for example, and the network went down, the company lost an entire day of revenue [3].
Even when operations are not shut down completely, deleted files will likely wreak havoc on system performance, leaving systems without the data they need to function properly and efficiently.
A Difference of Opinion
It should be mentioned that not all insider breaches and thefts are malicious. In many cases, the employees responsible simply don’t agree – or even realize – they are stealing company property. In fact, in a survey conducted by Symantec, up to 56 percent of employees do not consider it illegal to take employer trade information and intellectual property for personal use [4]. Additionally, 40 percent of them even plan to bring confidential information with them to their new jobs.
The same survey also established that up to 44 percent of employees believe that if a software developer creates a line of code on the job, he or she maintains at least some ownership and would be free to use it later for their own personal or professional projects. In many cases, data leaks are caused by careless employees who don’t realize they’ve done something wrong.
Even if such situations are merely a matter of disagreement between employees and employers, or the intent isn’t malicious, such behavior regarding data security should alarm even the most well-organized operations and encourage them to ramp up cybersecurity – and data recovery – efforts.
Combating Data Breaches: Data Recovery and Restoration
So what steps can you take to prevent and protect against these kinds of internal data breaches and threats to sensitive information? Obviously, your first line of defense is to employ company-wide backups and snapshots, for when large amounts of data or batches of files are deleted. This can help with larger losses of data where a restore may be more appropriate than a simple file recovery.
In addition, there are effective software solutions that allow for the rapid recovery and restoration of lost, deleted and overwritten files. Whether those files are local or hosted on the server, file recovery software is able to restore them quickly and easily, preventing total data loss and allowing IT departments to restore files within minutes. And of course, educating employees on the proper use of company property – and enforcing NDAs – can help prevent the unintentional and less malicious breaches.
Finally, keep your systems running efficiently. Poor system performance alone can cause data errors, and missing or deleted files can exacerbate it and result in even worse performance. A well-maintained, high-functioning system will be less susceptible to the effects of data breaches, and much easier to restore to full functionality.
Jim D’Arezzo has a distinguished career in technology that started at IBM and has included stops at Compaq, Autodesk and as President and COO of Radiant Logic. He is currently CEO of Condusiv, a leader in delete recovery and software-only storage performance solutions.
1. “Cost of Data Breach Study: Global Overview,” IBM Security/Ponemon Institute, 2018.
2. Ferris, Robert. “Tesla sues former Autopilot director for allegedly stealing secrets, poaching coworkers,” CNBC, January 26, 2017.
3. Martinez, Aaron. “Fired Lucchese employee arrested in hacking,” El Paso Times, October 7, 2016.
4. “Employees Steal Corporate Data and Don’t Believe It’s Wrong,” IT Business Edge, 2018.