Learn About Physical Data Breach & Protect Yourself Against It

Posted on by David Lukic in Security Tips December 04, 2020
https://content.infopay.net/storage/thumbnails/rpwXEBT0KuhWBCkvCz1zTPlR4y6wDiTidrOAv3Vo.jpg

The media sensationalizes data breaches on the news just about every day. However, do you know what a data breach means for you? Data breaches are serious business, whether perpetrated from a physical break-in or theft or via the internet while no one is watching.

What is a Data Breach?

A data breach is when private or sensitive information is accessed or stolen without the permission or knowledge of the rightful owner. Data breaches can occur within small companies, large companies, and even individuals. Data breaches can happen in a variety of different ways, such as through credit card skimming devices at the gas station or ATM and through malware like with the Home Depot and Target digital data breaches. In some cases, information is stolen through physical means, and that is called a physical data breach. 

Definition of Physical Data Breach?

A physical data breach occurs when information is actually physically stolen through documents or computers and other hardware. The Heartland Payment Systems data breach is a good example. In May of 2015, Albert Gonzales broke into the local offices of Heartland Payment Systems in Florida and took computer equipment that contained payroll information, social security numbers, and banking information. That data breach cost the company $140 million in damages, penalties, and fees. They had not protected their hardware and software with any type of security, but they thought they were safe.

An Example of Physical Data Breach

Sometimes physical data breaches come from employees, ex-employees or a third-party vendor. These types of data breaches are called insider data breaches. One example of an insider data breach, which is also a physical data breach was that of Anthony Levandowski. He was a former Google employee working in their autonomous car department, now called Waymo. Before leaving Google, Levandowski copied and stole thousands of files, including blueprints. He left Google to start his own company Otto Motors which was soon after purchased by Uber. When the insider data breach was discovered, Google sued Uber, and they were forced to pay out $245 million

How Can You Stay Safe from Physical Data Breaches?

Roughly 51% of businesses are at risk for physical data breaches because their systems, hardware, and other assets are not appropriately secured. There are a lot of things you can do to secure your property to safeguard against theft, data loss, and all types of breaches. 

  • Inventory - take a full inventory of your sensitive and personal assets and destroy what you don’t need. Only keep what you use. Many data breaches are due to the theft of old, unused information, but it can still be used for identity theft.

  • Shred old documents and anything with personal data on it before throwing it out. Don’t forget to destroy CDs, DVDs, hard drives, credit or other cards, and use special software to remove files and data from hard drives before getting rid of them. Simply erasing the data does not work. A skilled hacker can restore it and still access the information. 

  • Invest in physical locks for equipment, server rooms, and computers. Restrict access on a need-to-know basis. 

  • Before hiring new employees, do a thorough background check.

  • Do not use social security numbers as IDs, update your systems to include a randomly generated number that cannot be faked.

  • Install monitoring software on all computers, servers, and mobile devices to continuously watch for intrusions, or unauthorized access. Have a policy in place to restrict access to private information and configure logins to use only what each person needs to do their job. When someone leaves the company, rescind their access immediately.

  • Implement strong password protocols and force a password reset at least every 30 days. 

  • Never store personal passwords or other information on a computer connected directly to the internet. 

  • Keep all computers updated with the latest operating system and security patches.

  • Install and run antivirus software often. 

  • Configure the firewall on your router to prevent unauthorized connections.

  • Mandate encryption of all data, files, computers, and mobile devices. That way, if they are stolen, there is less of a chance the thief can access the data.

  • Keep a close eye on portable media like USB drives, CDs, DVDs, and other devices that might carry personal information right out the door. 

When you close up shop each night and lock the door, you may feel a sense of comfort that you are locking out the world. But the simple truth is, if criminals want to get in, they will so you have to take further steps and think “worst-case scenario” to secure your assets inside and out and protect yours and your customer’s data.

About the Author
IDStrong Logo

Related Articles

Secure Wi-Fi and Wireless Technology Security Tips

Your Wi-Fi network is another handy access point that hackers use to infiltrate your computers, steal you... Read More

How Does a VPN Work and How to Choose one

VPN stands for Virtual Private Network. It allows you to hide your public IP address and browse privately... Read More

Complete Guide to Android Security

The Android platform offers a ton of flexibility and customization for users. However, all that freedom d... Read More

Increase Your Google Chrome Privacy Settings in 4 Easy Steps

In this time of digital transparency and data breaches, it’s more important than ever to feel like you ... Read More

FREE IDENTITY THREAT SCAN
Scan Your Records for Breaches, Leaks & Exposures!