Know what will leak before the breach

By on
Know what will leak before the breach

[Blog post] Your archival policy could be a line of defence.

If you thought data breaches fade away soon after they've taken place, the aftermath of the Sony Pictures Entertainment (SPE) hack should make you think again.

Wikileaks and its editor, Julian Assange, recently published the emails that were purloined from SPE by unknown hackers, along with documents that had been previously posted on the internet.

They went even further by indexing all the unredacted messages and documents, making them easy to search.

That’s over 170,000 emails and 32,000 documents from 2200 SPE email addresses.

And the ramifications of the SPE hack are still playing out, with staff taking the corporation to court for insufficient protection of information.

Judging by some of the poor and weak password practices that security analyst and anti-virus industry veteran Graham Cluley found in a simple trawl through the SPE documents, the plaintiffs appear to have a strong case.

SPE and its team of lawyers must also be less than enthralled at Wikileaks ignoring client-attorney privilege and laying bare many of its legal matters.

It’s not exactly clear what SPE and its employees did to deserve such an attack, but one lesson to take from it is that successful breaches such as this can come back and haunt a company for a long time.

Keeping information secure is obviously one part of the problem that SPE failed to address, but equally important is knowing what’s stored on your servers, and understanding the consequences of even often banal matters being leaked to the public.

Taken out of context, even seemingly innocuous information can be used against anyone.

A quick look at the SPE archives shows that the company appears to have stored just about everything, from trivial stuff to weighty, sensitive company matters, in large amounts.

That’s a dangerous kind of “big data” situation, and organisations should consider indexing their stored information before someone like Wikileaks does it for them.

Indexing helps weed out the dross that doesn’t need to be stored, and also provides an idea of the risk a company faces in the event of a data breach.

Having an overview of the sensitive material stored on servers could help guide not just security processes but privacy practices and reputation management.

In other words, an organisation’s security best practice should incorporate digital archival policies that control storage and retention of material.

That approach will make life less fun for hackers, and your organisation will be safer for it.

Got a news tip for our journalists? Share it with us anonymously here.
Juha Saarinen
Juha Saarinen has been covering the technology sector since the mid-1990s for publications around the world. He has been writing for iTnews since 2010 and also contributes to the New Zealand Herald, the Guardian and Wired's Threat Level section. He is based in Auckland, New Zealand. Google
Read more from this blog: SigInt

Most Read Articles

Log In

  |  Forgot your password?