26 September 2015

Vectors of Data Loss and Exfiltration

The expression "vector of data loss and exfiltration" refers to the means by which data leaves the organization without authorization. Common vectors of data loss and exfiltration include the following:

Email attachments: Email attachments often contain sensitive information like confidential corporate, customer, and personal data. The attachments can leave the organization in various ways. For example, the email with the attachment might be intercepted or a user might accidentally send the email to the wrong person.

Unencrypted devices: Smartphones and other personal devices are often protected only with a password. Employees sometimes send sensitive company information to these devices. Although the data may be encrypted while traversing the Internet to the device, it can be unencrypted once it lands on the personal device. If the device password is compromised, an attacker can steal corporate data and perhaps even gain unauthorized access to the company network.

Cloud storage services: Company employees are often tempted to transfer large files by using cloud storage services of their own choosing without the approval of the company IT department. This can result in theft of sensitive documents by someone like a social network “friend” with whom the employee shares a directory on the cloud storage server.

Removable storage devices: Putting sensitive data on a removable storage device may pose more of a threat than putting that data on a smartphone. Such devices are not only easily lost or stolen; they also typically do not have passwords, encryption, or any other protection for the data they contain. While such protection for removable storage devices is available, it is relatively expensive and infrequently used as of this writing.

Improper access controls: Without proper access controls such as ACLs on firewalls, the risk of data loss is high. Organizations can lower their risk of data loss by fine-tuning access controls and patching known vulnerabilities.


biOos

1 comment:

Unknown said...

Thanks for the Explanation!!