Data is dubbed as the world’s most valuable resource. We’re swamped with it daily, as companies use it to drive growth via a host of devices, software, applications, websites and social media platforms.
Cheekily, some say that it will surpass oil when it comes to fueling success for economies. Since computing is at the bedrock of this growth, having strong data governance protocols is a no-brainier.
Artificial intelligence, machine learning, big data, natural language processing, cloud computing, and predictive analytics — they’re no longer tech buzzwords.
Businesses today use these processes to map out critical insights from data, helping brands transform into future-ready organizations.
Data governance systems ensure the integrity, consistency and accuracy of data and its exchange so that there’s no leakage of confidential information that could compromise business objectives.
How Covid-19 has increased risks to data
Global lockdowns have pushed companies to work from home, and cyber attackers are looking to exploit security loopholes in these new and remote workstations. While businesses expand their networks by adopting models like freelancing, or “bring your own devices” (BYOD), it’s still an unprecedented change.
Threat researchers pointed out how ransomware attacks — which demand money in exchange for not publishing sensitive data assets — spiked by 148% in March 2020, compared to baseline levels a month earlier.
Brute-force attacks, which employ bots to crack weak credentials — such as easy-to-guess passwords and usernames — also targeted remote desktop software, notably Microsoft’s proprietary Remote Desktop Protocol (RDP), according to security giant Kaspersky Labs. The attacks took advantage of the sudden increase in ill-configured RDP servers at employee residences.
As improvised operations sputter to life, new endpoints have sprung up across distant locations to exchange data packets that hold business information of varying importance. Weak data security hygiene, mainly arising due to the use of personal devices and home Wi-Fi networks, increases the chances of data breaches within these endpoints.
See related article: How blockchain can defend against data heists and cyber attacks
Growing calls for data governance amid the health crisis
Despite recent reports that ransomware groups like Maze and DoppelPaymer pledged they would not attack medical bodies fighting the pandemic — if you can take their word for it — cybercrime gangs remain opportunistic. They are actively scavenging for easy targets as vulnerable nations and communities combat the crisis.
Hackers have targeted financial bodies, supercomputers developing Covid-19 treatments, government agencies, and even top officials of the World Health Organization. WHO Chief Information Officer Bernardo Mariano Jr. revealed how cyberattacks against top officials have shot up since mid-March, with employees suffering from phishing attacks and their passwords getting leaked.
With attention and resources already spread thin, the statistics are alarming for companies and their operational and financial fronts.
A survey by Check Point Software Technologies and Dimensional Research found that 71% of security professionals saw an increase in cyberattacks and threats since the outbreak. Of all respondents, 55% said phishing was the leading threat, with coronavirus-themed malicious websites claiming to offer information or advice close at its heels.
They also highlighted the pitfalls stemming from internal factors. Some 55% of the professionals reported the need for scalable remote access solutions, while another 47% raised the issue of employees using untested services — called shadow IT solutions — at home, which don’t come from a reliable, centralized source. For instance, an employee may discover a better application for file-sharing than the one officially approved. Usage could spread to other members of the department.
Many of these shadow IT solutions include collaboration applications such as Trello and Asana, and also social media platforms like Snapchat and WhatsApp on enterprise devices.
Looming data security risks, coupled with pressures from regulations like the EU General Data Protection Regulation (GDPR) and APEC Cross-Border Privacy Rules (CBPR) to ensure data protection, have made it imperative for businesses to install comprehensive data governance policies.
Such protocols don’t just improve the baseline of security but help companies better understand the strategic value of available and/or sourced data, and how to leverage it.
What a robust data governance policy looks like
A robust data governance policy should articulate the principles, practices and standards deemed necessary by organizational leaders to ensure that the organization has high quality data and that its data assets are protected. Here are some best practices:
- Separate generic information from personally identifiable information, and draft usage rules for both.
- Grant access rights to different employees according to a hierarchy. This prevents misuse, allowing employees to interact only with the data, information and business applications that are essential for their day-to-day functions.
- Define a chain of command for better handling and utilization of data.
- Manage accountability for data among top-level executives, who usually have privileged access.
- Ensure adherence to reporting and compliance requirements.
- Devise a process to identify and fix any deviations from the established data control measures.
Once you know what to do with your data, so will your employees. Outlining a framework for workplace best practices, along with setting up a comprehensive training and awareness program is a sure-shot way of reducing instances of cybercrime.
Beyond the automation, don’t forget that a majority of these corporate data breaches happen due to human negligence. A lack of proactive monitoring not only can lead to financial losses from business disruption, theft of funds and data, as well as legal costs, but also tarnish your brand’s reputation, value and customer experience.
Over time, consumer trust has understandably ebbed away. But there’s always room to rebuild that relationship. A 2017 survey by PricewaterhouseCoopers showed that 72% of consumers believed that businesses could offer the best data protection, beating out governments. However, only 25% felt that companies had actually handled their data responsibly.
In these trying times, an unwillingness to step up and lay out a protective framework can mean losing customers. It could also sound the death knell for stability, with strained relationships further wobbling the boat.
But fret not. Companies that are aware of these negative scenarios become better equipped to prepare for the worst.
As companies beef up against economic burnout, investing in a powerful data security system is a good way to safeguard business-critical processes and data.
Creating awareness around data security practices among your employees, and laying out a data governance policy that is easy to comply with helps ensure smooth sailing ahead. With the right tools to protect data and stay ever vigilant, companies will be better positioned to maintain customer trust and productivity.