Gregg Petersen, Regional Sales Vice President, Middle East & Africa at Veeam, discusses the importance of data protection and keeping data protected from insider threats, and data loss.
“Malicious attacks from employees may be less frequent than external attacks, however their damage potential can be just as catastrophic, if not more so,” said Petersen.
“Those out to cause corporate sabotage are in a unique position as they will have authorised access to important data and will be able to do extensive research on what’s available and if inclined what it’s worth to external groups. It will only take one of the third parties to use the data to get into the system for data and the entire business to be compromised, or for it to be used in a competitive way to gain insight into the wider business.
“As organisations migrate to hyper-availability where businesses are always on, it’s imperative that businesses think bigger and have an understanding of the data they hold, where it is located and who can access it. And while GDPR forces businesses to evaluate who has access to what data, little can currently be done to mitigate the risk posed by those legitimately authorised to access data sets but who have bad intentions. However a move to behavioural-based data management from rigid policy-based data strategies, while not risk free, does mean that unusual requests have more chance of being flagged to administrators.
“Data management and protection, day or night, is a fundamental responsibility for businesses today, not just to its customers, but to its stakeholders and board. Not having the right protection in place could see an organisation suffer significantly. For one of the world’s most foremost innovators to fall foul of such sabotage should ring bells in businesses across the globe, for the outcomes of such breaches can spell long-term financial and reputational damage.”