
DATA LEAK

The threat is real!

www.dataresolve.com
Introduction
The proliferation of the Internet has made our lives easier. With the Internet of Things (IoT), you can
order everything from groceries to high-value appliances online and perform financial transactions in a
click. Passwords protect our lives. On the flip side, however, this has made us susceptible to information
leakage, which often results in the loss of critical information or money.

Did You Know?


By 2020, the estimated number of
passwords used by humans and machines
worldwide will grow to 300 billion.

For enterprises, the risk is even greater. Irrespective of the size of the organization, critical information is
available to all the employees and can be accessed from multiple devices. In the case of identity theft
or violation of industry compliance mandates, organizations can be sued or fined. Therefore, it is crucial
for organizations to govern and set policies around data sharing and access to avoid loss of data and
dollars.

In this whitepaper, we will explore the risk of data leakage and detail the following:

What is Data Leak?
Causes of Data Leak
Types of Data Leak
Data Leak Prevention (DLP) strategy
Making the right choice

What is Data Leak?
The International Organization for Standardization (ISO) defines a data leak as a compromise of security
that causes accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to
protected data transmitted, stored or otherwise processed.
According to Techopedia, a data leak involves the unauthorized or illegal viewing, access, or
retrieval of data by an individual, application, or service. It is a kind of security breach that aims to
steal and publish data to an unsecured or illegal location.
Often conducted over a network connection or the Internet, data leak involves hackers having
access to a repository with confidential data or a secure database including personal information like
Social Security Numbers (SSN), credit card credentials, and medical histories; or corporate information
like software source code, client lists, revenue, and other financial information.

Causes of Data Leak


Enterprises across the world are facing data leaks. Be it a hacker attempting to steal sensitive data from
the corporate website, or an employee accidentally looking at the email of another employee, a data
leak is so commonplace that people have seemingly stopped reacting to news citing a data breach.

Did You Know?


Almost 7 million data
records are compromised
every day.

Weak and unprotected passwords, accessing accounts via networks that capture login credentials,
unauthorized email access, accessing illegal websites, lack of encryption and two-factor authentication,
loss of devices like portable hard drives, laptops, and phones – the reasons why data leakage happens
are many.

The recurring root causes of Data Leak can be summarized as follows:

People: Lack of awareness; Lack of responsibility; Lack of accountability
Process: Lack of data usage policies; Lack of monitoring; Lack of transmission procedures
Technology: Lack of secure communication platforms; Lack of DLP tools; Lack of flexibility for remote connectivity

Types of Data Leak


If you think you’re safe because your organization did not make it to the headlines with a cyber-attack,
think again. Data leaks come in various shapes and sizes, and knowing the type of violation is as
important as the cause.

Here are five common types of data leaks that an organization can face:

Hacking (also includes skimming, phishing, and malware): Denial of service,
password attacks, emails – hackers employ both old and new techniques to have access to confidential
information.

Insider Threat: Employees have the most sensitive information about insider data and therefore
can cause insurmountable loss if they expose the data. Without proper security protocols, monitoring,
and non-disclosure agreements, they can cause significant damage.

Human Negligence: Sometimes, employees disclose information or give access to their systems
to third parties without realizing its confidentiality. Loss of a device, improper disposal of hard copies,
and other such errors are potential causes of a data breach.

Theft: Theft of laptops, mobile devices, USB drives, or external hard drives can cause significant loss
of data.

Unauthorized Access: Lack of access controls, specifically poorly monitored passwords or
two-factor authentication, can cause a data breach.

While some data breaches are deliberate, most can be attributed to unguarded databases and
security negligence. If you’re curious to know the data breaches that made headlines in 2018, here
is a consolidated list of the top 10 data breaches:

Breach | How many people affected | Disclosed
Aadhaar Breach | 1,000,000,000 | January 2018
Starwood-Marriott Breach | 500,000,000 | September 2018
Exactis Breach | 340,000,000 | June 2018
Under Armour-MyFitnessPal Breach | 150,000,000 | February 2018
Quora Breach | 100,000,000 | December 2018
MyHeritage Breach | 92,000,000 | June 2018
Facebook Breach | 87,000,000 | September 2018
Elasticsearch Breach | 82,000,000 | November 2018
Newegg Breach | 50,000,000 | September 2018
Panera Breach | 37,000,000 | April 2018

US companies lose more than $525 million annually due to data breaches, most of which stem from
malicious code and denial of service. A survey by Thales confirms that in India, data breaches are
around 52%, much higher than the global average of approximately 36%.

To prevent data leak, it is essential to understand the problem and the risks associated with it.
The diagram below, from Ernst & Young research, summarizes the risk of data leakage:

Data Leak Risks

Cause
* Loss or theft of laptops or mobile devices
* Unauthorized transfer of data to USB devices
* Improper categorization of sensitive data
* Data theft by employees or external parties
* Printing and copying of sensitive data by employees
* Insufficient response to intrusions
* Unintentional transmission of sensitive data

Your Business Environment (YOUR DATA)
Corporate Data, Customer Data, Customer Service, R&D, Sales, Contractors, HR, Legal, Finance,
Personally identifiable data, Transaction Data

Effect
* Brand damage and loss of reputation
* Loss of competitive advantage
* Loss of customers
* Loss of market share
* Erosion of shareholder value
* Fines and civil penalties
* Litigation/Legal action
* Regulatory fines/sanctions
* Significant cost and effort to notify affected parties and recover from the breach

Data Leak Prevention (DLP) Strategy
The threat of data leak is real. Therefore, companies need to react proactively to prevent data leak. In
the age of cloud and bring your own devices (BYOD), various departments across the organization need
to come together to enforce data leak prevention strategies and policies.

Training Session
Security and data leak prevention should be a part of each employee’s education. All the employees,
including the C-level executives, should understand the consequences of unsecured data and access to
corporate systems. The IT department should educate employees on how to secure files when using cloud-based
services.

Limit User Access


Tagging data digitally and restricting employee access to specific data and documents can help control
leakage. For that, it is essential to understand the types of data that you want to protect, and to tie
access to such data to management rights. For example, not all employees should have access to the
company website.

Cybersecurity System
Minimize data leak with routine endpoint protection like firewalls and encryption. While antivirus
programs might not be able to counter big attacks, they can protect from public threats, like viruses and
malicious software downloads.

Central Repository for Sensitive Data


Data like the PII of your customers should always be stored in a centralized, secure location that only
employees with access rights can reach. Creating a multilayered cybersecurity strategy and providing
remote access over VPN can enhance the security of confidential data.

Monitor Employees
Monitoring access to systems and networks by employees can prevent a data breach. Some of the
common measures that can be implemented are as follows:
Run a scan on individual machines and identify sensitive information
Tag sensitive information
Monitor how sensitive information is shared within and outside the organization across a set of channels

Create red flags as and when information transfer is compromised
Monitor employee activities across devices beyond leakage to track suspects in a proactive manner
Monitor emails hosted on the cloud, monitor usage of external drives in an organization
Whitelist external drives and enforce encryption
Monitor whether any data is shared with competitors' email addresses in BCC
Control application usages on individual machines
Block URLs that are prone to information transfer
Inspect traffic at different stages – on the network, at endpoints, and on stored data
Track complete admin sessions on servers
Control use of specific content by not allowing employees to save, print, or forward content with sensitive information
Block access to websites not related to work and malicious sites
Block usage of portable devices on laptops to prevent the transfer of data

Making the right choice


Choosing the right solution to avoid data leak can be challenging.
Before you zero in on any solution, check if the solution has
the following capabilities:

Discover: Where the sensitive data resides
Alert: Maintain actionable intelligence on the breach
Analyze: The data sent out by employees through various channels
Detect: Monitor fragments of sensitive data that can be sent out of the organization
Control: Lock specific channels or activities to prevent data exfiltration

Conclusion
A comprehensive data leak protection solution should have the following features:

Application Control
Control the execution of unwanted applications
Control malware propagation
Control ransomware from creating outbound connections
Get visibility and control of unknown executables running on end-user machines

Device Control
Control usage of mass storage devices for R&D work
Enforce encryption on external devices going out of company boundaries to ensure data integrity
Authorize mass storage device usage across Linux versions

Real-time Incident Alert


Alerts for any file upload sent to an unauthorized domain
Alerts for emails sent via personal email IDs that are blacklisted
Alerts for any file sent with a file rename or a change in file extension
Alerts for any application/browser accessed even after it is blacklisted or blocked
Support for role-based admin accounts for different departments
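
One way the "change in file extension" alert above can be implemented, shown as an added example that is not code from any product named in this whitepaper: compare the file's leading signature bytes with the extension it claims. The function names, the alert label and the outbound events are assumptions constructed for illustration.

```python
import os

# Leading "magic" bytes for a few common formats (well-known file signatures).
SIGNATURES = [
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),            # also the container for docx/xlsx/pptx
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"MZ", "exe"),
]
# Extensions that legitimately carry each detected content type.
ALLOWED_EXT = {
    "pdf": {".pdf"},
    "zip": {".zip", ".docx", ".xlsx", ".pptx", ".jar"},
    "png": {".png"},
    "jpeg": {".jpg", ".jpeg"},
    "exe": {".exe", ".dll"},
}

def sniff(header: bytes):
    """Identify content from its first bytes; None when the type is unknown."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return None

def check_outbound(filename: str, header: bytes):
    """Return an alert dict if content and extension disagree, else None."""
    kind = sniff(header)
    ext = os.path.splitext(filename)[1].lower()
    if kind is None or ext in ALLOWED_EXT[kind]:
        return None                     # unknown content or a consistent name
    return {"file": filename, "claimed": ext or "(none)",
            "detected": kind, "alert": "EXTENSION_MISMATCH"}

def alerts_for(events):
    """Run the check over (filename, first bytes) pairs and keep only alerts."""
    return [a for a in (check_outbound(n, h) for n, h in events) if a]

# Constructed outbound-transfer events: (filename, first bytes of the file).
EVENTS = [
    ("holiday.jpg", b"%PDF-1.7\n"),           # PDF renamed to look like a photo
    ("report.pdf", b"%PDF-1.4\n"),
    ("budget.xlsx", b"PK\x03\x04\x14\x00"),   # Office files are ZIP containers
    ("notes.txt", b"PK\x03\x04\x14\x00"),     # archive renamed to .txt
    ("readme.txt", b"plain text"),
]
```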

Email Control
End-to-end monitoring including sent items, storing sensitive content in draft folders
Tracking of emails stored in a draft and sent via additional means
Blacklisting of unauthorized email domains
Attachment blocking for certain email ids
Email shadow logging for generating attachments sent outside the organization

Enforced Encryption
Registering limited pen drive access for the user
Restricting USB data to internal use, so that employees cannot access the inside vault data while roaming

inDefend: Unified User Behavior Analytics and Insider Threat Management Solution
inDefend is a one-stop solution to help protect your data from all kinds of insider threats within your
organization. It allows you to monitor your employees' behavioral patterns and pinpoint potential
avenues for data exfiltration. This solution is built to achieve complete transparency over all the digital
assets residing within your organization. With our unified solution, you can quickly tackle various kinds
of security issues related to data exfiltration. It offers a proactive approach to the organization as follows:

Insider Threat Management


Get a complete user behavior analysis to protect your sensitive data from being
compromised by employees by monitoring their activities and communication habits.

Real-time Alerts
Get real-time incident alerts for any data exfiltration activity that takes place within the
organization.

Accurate Analytics
Get detailed cyber intelligence reports which highlight the critical sensitive data leakage
scenarios with granular visibility into team dynamics and organizational ecosystem.

Superior Control
Lockdown or block specific channels or devices in case any sensitive data exfiltration is
detected.

Enforced Encryption
Secure multiple endpoints with implemented encryption to restrict the use of sensitive
information or files.

Implementing a better security system is the need of all organizations at this hour. Our
unified solution inDefend can secure your organization from data exfiltration. inDefend is
designed to prevent data leakage via various communication channels and proactively keep
you informed of any sensitive data exfiltration attempt even on the go. So, start securing your
organization against data exfiltration with inDefend.

CONTACT US FOR A FREE TRIAL

VISIT OUR WEBSITE
www.dataresolve.com

TO SPEAK WITH OUR CYBER SECURITY CONSULTANT
Call: +91 92666 03983
Email: ask@dataresolve.com

OUR WORLDWIDE PRESENCE
India (Noida, Gurgaon, Mumbai, Bangalore, Pune, Hyderabad)
UAE (Dubai)

ABOUT DATA RESOLVE TECHNOLOGIES
Data Resolve Technologies is an IIT Kharagpur incubated startup, focused towards building futuristic
products for Insider Threat Management and Employee Monitoring for mid-sized and large enterprises.
We enable CIOs/CISOs and business managers to monitor and predict employee behaviour and report any
anomalous intentions detected, helping them build a secure ecosystem and increasing employee productivity.

DATA RESOLVE TECHNOLOGIES HEAD OFFICE
G-24, 2nd Floor, Sector-6, Noida,
Uttar Pradesh, INDIA 201301
Phone: +91-9266603983
