What is a data leak?
A data leak is when someone gains illegal access to information.
Whose fault is the data leak?
There are usually three categories of people who can cause data breaches within an organization.
1. Random Insider
Sometimes data leaks can be accidental. For example, someone worked in an organization and had too many privileges. In this case, the folder or file may appear insight by accident or due to unhealthy curiosity. The person had no intention of causing damage, just someone was in the wrong place at the wrong time. In the case of accidental insiders, the information disclosed does not pose a particular threat, but corrective measures must still be taken.
2. Malicious insider
The situation is similar to the previous one, with the only difference that this type of insider has unscrupulous thoughts. Alternative option: when the employee had the required level of authority, but the thought of revenge on the current or former employer arose. A malicious insider is the most unpleasant scenario discussed in this article, as someone who has been trusted becomes the cause of an intentional leak. The classic example that many of you know about is Edward Snowden. Working for the NSA as a contractor, Snowden had the appropriate level of access, which leaked highly classified information about conflicting government programs.
3. Malicious outsider
An outsider malicious actor is any attacker who gains illegal access to information. A broad group of people with different motivations fall into this category, from a bored teenager to a government-sponsored group of hackers. The consequences of leaks involving outsiders can be very frustrating. Recent examples that fall into this category are attacks on Target and Sony.
The basis of tools for ensuring the protection of personal data
The only way to prevent a cybersecurity crime is to cut off a potential cybercriminal from access to personal data, completely exclude its impact on the DBMS, application software, OS, network devices (both at the “hardware” and software levels). These tools include:
- anti-virus packages of all possible types;
- firewalls (they are also firewalls);
- tools to prevent network attacks and alert about them;
- scanners of potential vulnerabilities.
At the household level, the “defender” and comprehensive antivirus system that comes with Windows 10 “out of the box” copes with intrusion into the system in order to steal personal data. If you do not surf suspicious sites, do not run dubious executable files under the admin – most problems will bypass the average user. But this applies especially to a home PC that does not store commercially important material.
Situations when the virus actively broke computers in the past – modern hardware currently has a sufficient degree of protection against such hacks. Virus attacks are carried out by introducing various types of malicious software aimed solely at stealing confidential information, including personal data.
A professional third-party antivirus must have signature protection onboard, advanced heuristics systems, a multi-level program entrustment policy, and monitors the integrity of critical data. All these components of antivirus slow down the work of the entire system, so you need to have high-quality hardware to store important data.
To minimize the risk of identity theft, it is necessary to use the latest software for the PC, which will hopefully identify new viruses based on the latest technologies. In the event of a threat, a modern antivirus will be able to recognize them not only thanks to the regularly updated database of virus programs but also by using heuristic analysis methods. This makes it possible to identify suspicious actions and previously unknown attacks. The development of new malicious programs does not stop, they are improved, new ones appear, so protection against previously unknown viruses is very necessary for the safe operation of a personal computer.
To choose the most suitable antivirus program, you need to study the current reviews of such software, other programs that ensure PC security. Even free programs will allow you to create effective computer protection if you are not ready to use paid options.
In professional language, they are called firewalls. A lone user can sit behind a standard Windows firewall for years – the level of attacks on his computer never approaches a really threatening one, personal data remains intact. With regard to the corporate network, a fundamentally different level of personal data protection is required. Here you may need a professional VPN and permanent tracking of suspicious activities at all network levels.
In the mid-2000s, Internet Security packages became very popular. Virtually every major antivirus developer (Dr. Web, Avira, AVG, Kaspersky, Symantec, Eset, McAfee) was involved in them.
Regardless of the type, the firewall must be activated on the gateway router to create a “demilitarized zone,” that is, a set of particularly strict rules to protect e-mail and external network applications. An experienced administrator always has several firewall configurations – for the most common emergency cases of personal data protection on a PC.
3. Intrusion prevention systems
Intrusion Prevention System – in the specialized literature they appear as IPS (in no case should it be confused with the technology for the production of matrices of TVs and computer monitors!). ISS should be installed in the network gap to check the traffic for signs of suspicious activity and neutralize them according to the assigned security policy.
Intrusion prevention systems are far superior in efficiency to gateway antiviruses, since they monitor not only packets but also the correctness of the protocols used. The range of threats against which the IPS protects itself is also much wider. Such personal data protection systems are produced by traditional antivirus vendors like Check Point and McAfee, and monopolists in the field of routers and other network electronics like Juniper and Cisco.
4. Vulnerability scanners
A verification program for the shortcomings of the security of both the OS and the applied software used. They come in software, a relatively exotic form factor – a separate electronic device that simulates a variety of threats in relation to the user’s PC and network protocols around it. There are many representatives of the class: MaxPatrol, IBM ISS, Symantec, McAfee (Vulnerability Manager). There are also passive network traffic scanners. Actually, these are all descendants of the “test viruses” packages launched to assess the “professional suitability” of a freshly installed antivirus. Vulnerability scanners also serve for internal audit of protection, regulated by the FSTEC requirements.
How to protect personal information on a PC
Following the steps below will help you protect your personal data on your PC as efficiently as possible.
Encrypting information will help protect information – there is a huge amount of personal data on hard drives, USB-drives. Credentials, confidential information may become the property of third parties in case of loss of these media. To protect this data, you must not only set a strong password but also encrypt the drives, which will close access to them if the password is unknown.
Enterprise, maximum versions of Windows 7, Windows Vista contain BitLocker encryption tool. Other operating systems can use the free TrueCrypt to encrypt some or all of the data.
If you have Mac OS X you can use FileVault. This tool encrypts folders on desktops. The new version of Mac OS X encrypts the entire Lion desktop.
Today you can buy external drives, drives that have built-in encryption, including scanning the owner’s fingerprints.
2. Software Update
This is the easiest way to protect your PC. You need to update not only the operating system itself but also other programs installed on the computer. Developers are constantly updating versions of their own products, improving their functionality, fixing bugs, closing weak points through which data leakage is possible. Frequently updated versions contain new components and new features.
Many programs have a special auto-update function, notifications about an upcoming update. If you receive such a message, you must immediately install the proposed update. This will reduce the risk of theft of personal data and other confidential information.
The fairly popular SUMo program will help you keep track of updates.
3. Wi-Fi network protection
Make sure to keep your home Wi-Fi network private. A password is used for this. Otherwise, outsiders can easily enter the PC and use any information, including confidential.
Protection – encryption of Wi-Fi network traffic. This is inconvenient since you have to enter a password every time you connect to the network, but this is necessary to protect your PC from outside attacks.
Modern wireless routers use three standards for encryption:
The last two have a higher degree of protection against hacking.
You can also turn off the broadcast of the network name – SSID. In this case, gaining access to her will be possible only for those who know her name. The rest of the PCs will not be able to see this network.
4. Online shopping – virtual bank cards
When buying something on the Internet, you need to enter your bank card information – this is part of the personal data that is used on a PC. The risk to the security of a bank account is extremely high since there is no guarantee of the seller’s good faith, as well as the security system of the site on which the purchase is made.
Using a virtual bank card number will allow you to secure payments. These are the bank card details that allow you to make a payment and prevent attackers from accessing your bank account. Among Russian banks, virtual products are offered by Alfa Bank, VTB and others.
5. HTTPS protocol for browsing
Surfing the Internet is less risky with Hypertext Transfer Protocol Secure (HTTPS). It encrypts traffic passing between the PC and the site, prevents data leakage, reduces the possibility of hacking, but is not a guarantee of the security of the resource that the user visits.
Many computer users are concerned with the question of how to secure their computers from theft? Of course, most PC users, taking care of protection against viruses and identity theft, completely forget about the physical protection of the hardware itself. Among the free programs for the full protection of your gadgets on windows OS, we can mention the LAlarm program; Prey and IPFetcher. They all have different capabilities, but the principle of their operation is as follows: all these programs, when some conditions change, for example, IP addresses, send a message to the owner’s mail with the current IP address and route trace. This is enough for the police to find out the exact location of your laptop.