In a Dutch programme set to screened, it has been revealed that 700-pages of secret intelligence documents were stored and viewable on a hard drive that was linked to the web. The disk was able to be accessed online without a password. Mark Hickman, COO at WinMagic commented below, who believes it highlights just how serious the problems are that companies face with sensitive information and the ease with which it can be online. IT security experts from WinMagic and ZoneFox commented below.
Mark Hickman, COO at WinMagic:
“If organisations like Europol which are so tight on security can make mistakes, it brings into stark reality how much inherent risk there is for businesses if the right approach is not taken to educating employees, as well as having the right technology, to protect data at rest. Security is not just IT’s job – it’s everybody’s. Encryption cannot be an optional extra, it has to be enforced for any data that you do not want to be seen, or get into the hands of, unauthorised people. That applies whether it is your business plan, customer personal information, or government data.”
Dr. Jamie Graves, CEO at ZoneFox:
“Details are still a little fuzzy surrounding the Europol breach – par for the course with such a sensitive leak of information – but the one constant in all of the stories seems to be the use of an external device. This is extremely worrying for Interpol and any affiliated counter-terrorism organisations.
The fact that such highly classified materials were freely available to be moved onto an external device and taken outside the immediate network should be of major concern, regardless of whether this should have been done or not by the individual employee.
The thing is, these kinds of lapses in judgement with individuals will happen from time to time. You can and should educate them as much as possible to eliminate any poor security habits, but that’s not fool proof. Ideally, Europol should have been monitoring their network through user behaviour analysis software.
By building up a profile of this officer and their usual behaviour, the system would have flagged that sensitive documents were being taken off the network and onto an external device in close to real-time. This may well have led to the incident being rectified and the officer dealt with before the aforementioned hard drive was connected to the internet for the rest of the world to discover.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.