The Fraud Examiner

Storing Data in the Shadows and the Cloud
 

 What CFEs Should Know About Emerging Threats to Data Security  

 

July 2013  

By Zach Capers, CFE 

 

In the rush to embrace developing technologies, organizations and their employees often unwittingly increase the risks of data loss. The convergence of cloud computing and powerful employee mobile devices means the goals of securing sensitive data and maintaining regulatory compliance are becoming more difficult. Many employees today incorporate personal devices into their daily work routine, often storing precious company documents on the same smart phones that access various social media apps, and are routinely left in movie theaters, taxis and restaurants.

 

All too often, fraud examiners’ efforts to prevent the theft of intellectual property and customer records are undermined by constantly evolving technological trends and a lack of awareness of the relative risks. While many data breaches are the result of malware or aggressive hacking techniques, a significant portion of exposed data is the result not of theft, but of negligence. Headlines commonly allude to incidents of important files being lost due to a stolen laptopor a dropped USB stick. Today, data can be stored in countless mediums, including but not limited to:

 

USB flash drives

Memory cards

Internal/fixed hard drives

External/portable hard drives

Network attached storage

Magnetic tape

Copy/fax machine memory

Mobile devices (phones, tablets, audio players, video game systems)

CD/DVD/Blu-ray discs

Cloud storage

 

Bring Your Own Device 

Adding to the challenges incurred by disparate data storage methods is the phenomenon known as bring your own device (BYOD), which has swept across the business world after the mass migration to smart phones and tablets in recent years. Far removed from the heyday of the company-provided cell phone or laptop, today’s employees increasingly utilize their own mobile devices, paid for out of their own pockets. This situation is advantageous to the company from a cost perspective, and pleasing to employees who would rather not be forced to use an employer-issued device. Additionally, personally owned devices tend to be better cared for and used more effectively. Determining who pays for mobile services, discerning the line between personal and business information, and ensuring the security of mobile data are among the many challenges posed by BYOD.

 


Sign In

Not a member? Click here to Join Now and access the full page.