Data leakage, frequently called information leakage, is the unauthorized disclosure of sensitive data from within a company’s secured network perimeter to an external recipient. Data leakage can happen in many ways and can be unintentional or intentional.
What Can Cause a Data Leak?
A data leak can happen either electronically or physically via USB drives, cameras, printers, etc. Here are the most frequent causes of data leaks:
System Misconfiguration
Information leakage can happen because of a system misconfiguration. Here are some examples:
- Transition to remote work: improperly configuring the tools and databases employees need access to during this process can leave security gaps in the system, which might eventually lead to the exposure of critical data;
- Software error: take the example of the software error found in the Danish government’s tax portal, which led to the exposure of tax ID numbers belonging to 1.26 million Danish citizens.
Unintentional Data Leak
A data leak does not have to be intentional. It might happen because an employee sends confidential data by mistake to the wrong recipient.
Another way data could be leaked is by the negligence of the user, such as forgetting to log out of an account or losing a laptop with sensitive information on it.
Intentional Information Leakage
Another case of information leakage is when an ill-intentioned employee chooses to deliberately share confidential information with an unauthorized third party. This is also often called data exfiltration.
An example of intentional data leakage could be the case of the Tesla Quality Assurance software engineer who transferred thousands of files with trade secrets to a personal Dropbox account.
Obviously, not every cyber attack also includes data leakage in its set of goals. But many of them do, including:
- Data theft by intruders;
- SQL injection;
- Man-in-the-Middle attacks;
- Dumpster diving;
- Password sniffing;
- Phishing and all other subtypes (whaling, spear-phishing, spy-phishing, pharming, etc.);
- Social engineering;
- Browser hijacking;
- DNS spoofing, and the list could go on.
Data Leakage Examples
Facebook Data Leak 2021
A famous example of data leakage is the Facebook data leak 2021. A user from a low-level hacking forum leaked personal data of over 533 million Facebook users in 106 countries including phone numbers, Facebook IDs, full names, locations, birthdates, biographies, and email addresses.
Apple Data Leak
On January 14, 2022, researchers from Fingerprint.js publicly revealed details about a bug in the WebKit browser engine that could leak data such as browsing history and Google IDs. The flaw was in the implementation of IndexedDB, a JavaScript API for data storage. Malicious websites could use the exploit to view URLs that a user had recently visited, as well as the Google User ID, which can be used to find the user’s personal information.
Apple later patched this vulnerability, tracked as CVE-2022-22594, in Safari 15.3 for iOS and macOS.
Why Is Data Leakage Prevention Important?
Data leakage prevention is important because it helps you avoid a series of both short-term and long-term consequences.
Short-Term Consequences
The short-term consequences of a security breach within your company are threefold:
- Mitigation costs;
- Fines and fees;
- Federal investigations.
Long-Term Consequences
Still not convinced that data leakage prevention is the only viable choice? Let’s have a look at the three long-term consequences this type of cyberattack will have on your company:
- Damaged reputation;
- Loss of customer trust;
- Diminished morale.
Best Practices in Data Leakage Prevention
Adopting the best data leakage prevention practices will prevent your critical business data from falling into the wrong hands. Here is a handful of strategies we recommend you adopt when working on preventing data leaks.
Choose a Privileged Access Management Tool
Data leakage prevention can be achieved through Privileged Access Management, an approach that focuses on monitoring privileged accounts and mitigates both external and insider threats that rely on the misuse of administrative privileges within a business network. It’s based on the principle of least privilege, which states that user accounts should have the bare minimum of access rights required to complete their tasks.
With a state-of-the-art PAM solution such as our Heimdal™ Privileged Access Management under your belt, you can add access governance to your cybersecurity strategy for complete control over your confidential data. In addition to this, it provides a certain degree of automation in the process which saves you both time and energy.
Boost Your Strategy with Application Control
Poor application security can definitely cause a data leak. Privileged access management goes hand in hand with application control, an information security practice that, in turn, goes hand in hand with data leakage prevention. By restricting the applications that are allowed to execute within your system, you can implement a level of granular security that stops data exfiltration attempts. You can do this with Heimdal Application Control, a complete integrated toolbox that helps you create a custom list of blacklisted and whitelisted applications according to their name, path, publisher certificate, or cryptographic hash.
Know Your Data
To prevent a data leak, you should know which data in your company is sensitive and which is not, and who has permission to access that critical data. Then adopt data discovery and data classification strategies to prevent information leakage.
Adopt a Vulnerability Risk Management Strategy
A company should regularly assess the risks it faces, and this is where a vulnerability risk management strategy comes into play. Since data leaks can be triggered by software vulnerabilities, a Patch & Asset Management tool that keeps your software automatically and instantly updated is yet another solution to help you work on data leakage prevention.
A vulnerability management strategy will also help you detect anomalous behavior within the network through alerts on any changes to critical configuration parameters, letting you take immediate action to close off a security gap.
Properly Secure Your Endpoints
An endpoint can be a mobile phone, a laptop, or a tablet: basically, any device that is connected to the company’s network and thus has access to company data. An MDM tool like Heimdal Next-Gen Antivirus & MDM can help you properly secure endpoints and so prevent potential data leaks.
Encrypt Your Data
Encryption uses cryptographic algorithms to make data unreadable without the decryption key. When access to that key is reserved for authorized personnel, both your data-in-transit and data-at-rest remain protected from data leaks.
Implement Email Content Filtering
A content filtering system that employs deep content analysis technologies lets you detect sensitive data in text, photos, and email attachments. This way an admin can check a transfer’s legitimacy following the received alerts.
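A minimal sketch of such an outbound content filter, added here as an illustration and not taken from any Heimdal product: it holds a message for admin review when it goes to an external recipient and its body contains a Luhn-valid payment card number or a sensitivity keyword. The internal domain, the keyword list and the sample messages are assumptions constructed for the example.

```python
import re
from email import message_from_string
from email.utils import getaddresses

INTERNAL_DOMAIN = "example.com"  # assumption: the organisation's own mail domain
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13-19 digits, optional separators
KEYWORD_RE = re.compile(r"\b(confidential|internal only|trade secret)\b", re.I)

def luhn_ok(digits):
    """Luhn checksum: weeds out order numbers and other random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def body_text(msg):
    """Concatenate every text/plain part, decoding transfer encodings."""
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            parts.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(parts)

def scan_message(raw):
    """Return recipients outside the organisation, findings and a verdict."""
    msg = message_from_string(raw)
    rcpts = [a.lower() for _, a in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
    external = [a for a in rcpts if not a.endswith("@" + INTERNAL_DOMAIN)]
    text = body_text(msg)
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            findings.append("card:****" + digits[-4:])  # mask so the alert is not a leak
    findings += ["keyword:" + k.lower() for k in KEYWORD_RE.findall(text)]
    verdict = "hold" if external and findings else "allow"
    return {"external": external, "findings": findings, "verdict": verdict}

# Constructed sample messages (not real mail).
LEAK = "From: a@example.com\nTo: partner@other.example\nSubject: invoice\n\nConfidential: card 4111 1111 1111 1111\n"
ORDER = "From: a@example.com\nTo: partner@other.example\nSubject: order\n\nOrder ref 1234 5678 9012 3456 shipped\n"
INTERNAL = "From: a@example.com\nTo: b@example.com\nSubject: fyi\n\ncard 4111-1111-1111-1111\n"

if __name__ == "__main__":
    for name, raw in (("LEAK", LEAK), ("ORDER", ORDER), ("INTERNAL", INTERNAL)):
        print(name, scan_message(raw))
```

The checksum step is what keeps a 16-digit order reference from generating an alert, and masking the match keeps the alert itself from becoming a second copy of the sensitive value.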
Make Sure Your Cloud Storage Configuration Is Valid
Cloud storage has been widely adopted, which is why continuously validating your cloud storage settings can prevent data leaks.
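One way to run that validation, as an added example that is not part of the original article: a check that can be scheduled against exported bucket settings and reports policies open to any principal. The article names no provider, so the AWS S3 policy and public access block format, the bucket names and the account ID are assumptions constructed for the example.

```python
import json

# Field names follow AWS S3's PublicAccessBlock configuration (assumed provider).
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")

def is_wildcard(principal):
    """True when the statement's Principal matches anyone ("*" or {"AWS": "*"})."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False

def audit_bucket(name, policy_json, public_access_block):
    """Return (severity, message) findings for one bucket configuration snapshot."""
    findings = []
    off = [f for f in PAB_FLAGS if not public_access_block.get(f, False)]
    if off:
        findings.append(("medium", f"{name}: public access block off: {', '.join(off)}"))
    statements = json.loads(policy_json).get("Statement", []) if policy_json else []
    if isinstance(statements, dict):  # a single statement may appear without a list
        statements = [statements]
    for st in statements:
        if st.get("Effect") != "Allow" or not is_wildcard(st.get("Principal")):
            continue
        sid = st.get("Sid", "<no Sid>")
        if st.get("Condition"):  # may still be broad; a human has to read the condition
            findings.append(("review", f"{name}: {sid} allows any principal under a condition"))
        else:
            findings.append(("high", f"{name}: {sid} allows any principal unconditionally"))
    return findings

# Constructed snapshots (hypothetical bucket names, not real configurations).
ALL_ON = dict.fromkeys(PAB_FLAGS, True)
PUBLIC = json.dumps({"Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::hr-exports/*"}]})
SCOPED = json.dumps({"Statement": {"Sid": "AppRole", "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::app-data/*"}})
CONDITIONAL = json.dumps({"Statement": [{"Sid": "OfficeOnly", "Effect": "Allow",
    "Principal": {"AWS": "*"}, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::reports/*",
    "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}}]})

if __name__ == "__main__":
    for args in (("hr-exports", PUBLIC, {}), ("app-data", SCOPED, ALL_ON),
                 ("reports", CONDITIONAL, ALL_ON)):
        for finding in audit_bucket(*args):
            print(finding)
```

Running the same check on every configuration change, and alerting on any new "high" finding, is what turns a one-off review into the continuous validation described above.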
Educate Your Employees on Cybersecurity
At the end of the day, your employees are your most important defensive barrier, which is why you should provide them with adequate cybersecurity education. When speaking of a data leakage prevention strategy, your employees should know:
- what a data breach and data exfiltration look like;
- how to recognize the most common types of cyberattacks;
- how to spot and report insider threats;
- who holds which role within the organization;
- what data should be shared and what data shouldn’t.
Implement a Password Security Policy
Strong passwords are your organization’s first line of defense against external and internal cyberattackers alike. Regardless of whether they are private or shared among multiple staff members, a password security policy should require passwords that are:
- Impossible to guess;
- Varied from account to account;
- Safely stored and encrypted.
Apply Advanced Threat Prevention
Last, but not least, you should know that DNS filtering for your online network perimeter and endpoints is definitely a prerequisite for data leakage prevention. Available in both Network and Endpoint variants, Heimdal™ Threat Prevention adds powerful artificial intelligence-driven protection to your organization with its proprietary DarkLayer Guard™ and VectorN Detection technology. By scanning and logging incoming and outgoing traffic, it detects known threats, as well as novel ones, which means that your confidential data will remain safe.
Wrapping Up…
In a digital landscape dominated by information leakage and unlawful network access, data leakage prevention is the strategy your company needs to stay one step ahead of hackers at all times. This complex approach has three principal pillars: proper policies, knowledgeable employees, and innovative solutions. Heimdal Security can help you with the latter, so don’t hesitate to reach out to us if you require a robust roster of cybersecurity products.
This article was initially written by Alina Petcu in February 2021 and updated by Andra Andrioaie in April 2022.