FTC Shouldn’t Catch Your Breaches

Share this story:Tweet about this on Twitter0Share on LinkedIn0Share on Google+0Share on Facebook0

Using free online storage and collaboration systems dramatically increases a company’s risk of a data breach.  Many of these tools automatically synchronize desktop folders with folders in the cloud.  Compromised credentials can give hackers easy access to all of a company’s sensitive information.

Companies need to monitor traffic over known P2P ports and over commonly used ones, like 80 and 21.  It’s not just data loss prevention, it’s ensuring that policies that address “what data can be sent to whom” are enforced – regardless of port and security mechanisms.

Most of today’s threats with P2P file sharing come from applications that work in conjunction with cloud services, leaving room for hackers to create desktop onramps for their own use.”

 In a recent case, the FTC found the breach.  The truth is – the companies breached should have found it first.

Many enterprise collaboration tools have browser-based portals set to automatically download documents from specific locations.  Simply changing the default settings away from “My Documents” can prevent employees from unknowingly downloading and installing applications that could increase a company’s risk of a breach.

This entry was posted in Enforcement, Person-to-Person, Security, Technology and Software and tagged , , , , , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Leave a Reply