Researchers at the Department of Computer Science, University of Oxford studied over 1 million Android users to find that over 90% of the apps on Google Play Store shared all the data with Google. In fact, 1 in every 5 of these apps shares data with 20+ third parties.
And, your data wields power!
The Cambridge Analytics fiasco and the 2013 revelations made by Snowden are evidence of the growing menace of State surveillance. While individual freedom and privacy are increasingly under attack, businesses are not immune to these onslaughts either. Economic espionage has become a proven strategy for governments and their state-sponsored businesses to steal critical technology from foreign organizations and companies. Stolen corporate secrets are then used to improve the competitiveness of these organizations in international markets.
So, in an era where data sharing and data harvesting are out of control, here are 4 things that you can do today to protect your enterprise data.
NOTE: Intratem is not affiliated or is promoting any of the services mentioned below. The brands used are mere examples.
If you want complete security, then stay away from all free email providers. Pick an email provider with exceptional track record with privacy and security. The most common email providers like Google, Yahoo, AOL, and others have been hacked numerous times.
A few free email service providers like Proton Mail and Tutanota have earned an excellent reputation when it comes to privacy. Even if hackers manage to break through the (near)impossible-to-break security offered by the likes of these two, their Zero Knowledge systems make the hacked data inaccessible.
Remember, even though secure email services can encrypt the mail, the metadata cannot be encrypted.
Secure Web Browsing
Your browsing history can tell a lot about what you are thinking. To safeguard this information, make sure that you find a browser that does not store and share your browsing history with anyone and everyone.
One of the most popular names in this category is the Tor Browser. It can veil all your employees’ browsing behavior and prevent anyone from using it. Again, search engines track your data too, so choose something other than Google which don’t track you.
What Snowden shocked the world with his NSA leaks, it was clear that if you respect your privacy, then you should not use any cloud-storage service based in the USA, the UK, France, and other such countries who do not mind sharing your data with surveillance agencies. That doesn’t mean foreign cloud services are entirely secure either. Gifted with sufficient resources, you can bet that snooping agencies can and have wiggled themselves into these services too. Therefore, you can also use more secure services like Transporter and PogoPlug. Again, just like with email services, you can use more robust cloud storage services with Zero Knowledge encryption like SpiderOak, pCloud, or Tresorit in your organization.
Ask your employees to use TrueCrypt or a similarly safe service to encrypt all the data on their USB drives.
No mobile device is entirely secure, and the biggest weakness in your mobile security strategy is the human element. Even tech-savvy employees are prone to generic social engineering attacks. In addition to educating them on the most common types of social engineering attacks, ensure that they do not compromise confidential information if they do fall prey to such attacks. Deploy multi-layered access to corporate data. All critical information should be accessible only on the corporate network. Less critical information can be made available for access from other networks by deploying another layer of login and password-protected security. Also, ensure that the critical data is never downloaded and stored on the phones. MDM can certainly help.