Symantec’s now infamous 2011 Internet Security Threat Report is packed full of who, why, where and how when it comes to online attacks in the past year. Published in April 2012, the document highlights the latest trends in Internet security.
One increasing risk, as many know, is mobile, due in part to increasing smartphone user growth – Gartner predicts sales to hit 645 million by the end of 2012. This means an increase in mobile malware that can collect, send or track data (93.3% increase in mobile vulnerabilities since 2010). Mobile devices are also at risk for loss or theft; if personal or confidential company/client data is stored locally on your device, this can result in a data breach.
One way companies can safeguard a BYOD (Bring Your Own Device) environment includes creating a mobile security strategy, developing standardized user policies, and engaging in employee training.
[If you’re interested in learning more about crafting a
secure and compliant BYOD environment, don’t miss our Fall into IT presentation, BYOD: From Concept to Reality, presented by Kirk Larson, VP and CIO of the Children’s Hospital Central California. More details here.
Recommended Reading: Keep ePHI on Secure Networks, Not Mobile Devices, Recommends OCR].
The report also revealed that half of the total targeted online attacks were directed at small-to-medium sized businesses with fewer than 2,500 employees. Seventeen percent were directed at companies with fewer than 250 employees. The report cites the possibility that smaller organizations may not invest as much time or budget into proper security, but they may still be in partnership with larger companies, and offer an open door to hackers.
Who, specifically within those organizations, is being targeted?
Shared mailboxes (23 percent). are close behind the executive level employees (25 percent). Sales are third at 12 percent.
The industries with the greatest number of total identities exposed included computer software, IT and healthcare sectors, accounting for 93 percent of total stolen identities in 2011. When it came to data breaches, healthcare blew all of the other industries out of the water at 43 percent. Next came government (14 percent) and third was education (13 percent).
What can you do to protect your company from a potential data breach? While our PCI Compliant Hosting white paper is primarily directed at ecommerce and financial industries, it provides a comprehensive overview of the technology that can protect any web/application and database servers, regardless of industry type. From Web Application Firewalls (WAFs) to Daily Log Review, this paper explains each in detail. Download our PCI Compliant Hosting white paper today.
For healthcare organizations, download our HIPAA Compliant Hosting white paper for HIPAA/HITECH requirements and recommendations.
Symantec’s 2011 Internet Security Threat Report (PDF)