The Fraud Examiner
Storing Data in the Shadows and the Cloud
What
CFEs Should Know About Emerging Threats to Data Security
July 2013
By Zach Capers, CFE
In the rush to embrace developing technologies, organizations and their employees often unwittingly increase the risks of data loss. The convergence of cloud computing and powerful employee mobile devices means the goals of securing sensitive data and maintaining regulatory compliance are becoming more
difficult. Many employees today incorporate personal devices into their daily work routine, often storing precious company documents on the same smart phones that access various social media apps, and are routinely left in movie theaters, taxis and restaurants.
All too often, fraud examiners’ efforts to prevent the theft of intellectual property and customer records are undermined by constantly evolving technological trends and a lack of awareness of the relative risks. While many data breaches are the
result of malware or
aggressive hacking techniques, a significant portion of exposed data is the result not of theft, but of negligence. Headlines commonly allude to incidents of important files being lost due to a
stolen laptopor a
dropped USB stick. Today, data can be stored in countless mediums, including but not limited to:
USB flash drives
Memory cards
Internal/fixed hard drives
External/portable hard drives
Network attached storage
Magnetic tape
Copy/fax machine memory
Mobile devices (phones, tablets, audio players, video game systems)
CD/DVD/Blu-ray discs
Cloud storage
Bring Your Own Device
Adding to the challenges incurred by disparate data storage methods is the phenomenon known as bring your own device (BYOD), which has swept across the business world after the mass migration to smart phones and tablets in recent years. Far removed from the heyday of the company-provided cell phone or
laptop, today’s employees increasingly utilize their own mobile devices, paid for out of their own pockets. This situation is advantageous to the company from a cost perspective, and pleasing to employees who would rather not be forced to use an employer-issued device. Additionally, personally owned devices
tend to be better cared for and used more effectively. Determining who pays for mobile services, discerning the line between personal and business information, and ensuring the security of mobile data are among the many challenges posed by BYOD.
Sign In
Not a member? Click here to Join Now and access the full page.