
Let's Be Extra Vigilant With Our Data This Holiday Season


During the holiday season, people are easily distracted — and that can increase the risk of your organization suffering a data breach.


Thanksgiving weekend is well behind us, so it's official: the holiday season is here. That means virtually everyone not named Ebenezer Scrooge is busy shopping, attending parties, and bracing for visits from the in-laws. People are easily distracted, and that can increase the risk of your organization suffering a data breach.

Innocent insiders are more prone to making mistakes handling and sharing data, and malicious insiders or external actors count on your being distracted while they move data along the Insider Threat Kill Chain. That's why you need to monitor current employees and ensure former employees do not still have access to sensitive information.

That's the key lesson that federal regulators want organizations to take away from a recent issue of the monthly cyber security newsletter from the Department of Health and Human Services' Office for Civil Rights (OCR).

"It is extremely important that covered entities and business associates prevent unauthorized access to protected health information (PHI) by ensuring that the former workforce member's access to PHI is effectively terminated," OCR adds.

It recommends implementing effective identity and access management (IAM) policies and controls to reduce the risks that insider threats pose. That includes ensuring someone does not take advantage of a former colleague's credentials that may be inactive but not fully terminated or disabled.

Do not underestimate the damage someone who gains control over still-active user accounts can do. Consider the case that BankInfoSecurity reported on earlier this month involving a former systems administrator with Centerville Clinics in Pennsylvania.

After leaving the organization in 2013, he created an undisclosed new administrative account that gave him full access and control of the clinics' computer system. His access went unnoticed for two years.

He was finally caught, convicted of wire fraud and hacking computers, and sentenced to 27 months in federal prison.

That case illustrates why it is so important to have full visibility over all of your data so that you can be proactive in monitoring how all employees are accessing and using it. Continuously tracking all user activity will provide you with full context into where your sensitive information assets are and how and when they are created, accessed, moved, and shared. This is also critical to determining the source, impact, and vector of data exfiltration.

OCR provides a list of other proactive steps to take as part of a comprehensive IAM policy, including:

  • Implement standard procedures for all action items to be completed when an individual leaves the company, including notifying the appropriate IT personnel.
  • Create an alert system to notify the proper department when an account has not been used for a specified number of days.
  • Terminate electronic and physical access as soon as possible upon an employee's departure.
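
One way to implement the offboarding check and inactivity alert from the list above, shown as an added example that is not from the article or from OCR. The field names, the sample HR roster and account records, and the 30-day threshold are constructed assumptions; it also flags enabled accounts with no owner on the roster, the pattern in the Centerville Clinics case.

```python
from datetime import date

# Constructed sample data (assumed shapes, not from the article).
ROSTER = {
    "asmith": {"status": "active"},
    "bjones": {"status": "terminated", "end_date": date(2024, 11, 1)},
    "cwu": {"status": "active"},
}
ACCOUNTS = [
    {"user": "asmith", "owner": "asmith", "enabled": True, "admin": False,
     "last_login": date(2024, 12, 9)},
    {"user": "bjones", "owner": "bjones", "enabled": True, "admin": False,
     "last_login": date(2024, 11, 20)},
    {"user": "cwu", "owner": "cwu", "enabled": True, "admin": False,
     "last_login": date(2024, 9, 1)},
    {"user": "svc-maint", "owner": None, "enabled": True, "admin": True,
     "last_login": date(2024, 12, 8)},
    {"user": "bjones-old", "owner": "bjones", "enabled": False, "admin": False,
     "last_login": date(2024, 10, 30)},
]

def review_accounts(accounts, roster, today, max_idle_days=30):
    """Return sorted (user, reason) findings for accounts that can still log in."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled, nothing to terminate
        owner = roster.get(acct["owner"])
        if owner is None:
            # No accountable person: undisclosed or orphaned account.
            kind = "admin account" if acct["admin"] else "account"
            findings.append((acct["user"], f"{kind} with no owner on the HR roster"))
        elif owner["status"] == "terminated":
            msg = "still enabled after owner's departure"
            if acct["last_login"] and acct["last_login"] > owner["end_date"]:
                msg += f"; used after {owner['end_date']}"
            findings.append((acct["user"], msg))
        # Inactivity alert: never used, or idle longer than the threshold.
        idle = (today - acct["last_login"]).days if acct["last_login"] else None
        if idle is None or idle > max_idle_days:
            shown = "an unknown number of" if idle is None else idle
            findings.append((acct["user"], f"unused for {shown} days"))
    return sorted(findings)

if __name__ == "__main__":
    for user, reason in review_accounts(ACCOUNTS, ROSTER, today=date(2024, 12, 10)):
        print(f"ALERT {user}: {reason}")
```

In practice the roster would come from the HR system and the account list from the directory or IAM export, with findings routed to the department named in the offboarding procedure.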

