Insiders and human frailty are still a big problem in data security, according to a new study from Symmatec. Along with system issues these account for two thirds of data breaches. I suspect system issues means misconfiguration and poorly written code (from a security standpoint), though I can’t be sure there aren’t other factors that contribute. What’s disconcerting is that employee behavior problems seem to be rising.
I think this is partly the result of attitudes and a lack of loyalty and respect from many companies towards their employees. It seems that job dissatisfaction is on the rise, and coupled with a lack of employment security, this makes it easy for some people to ignore regulations, not bother securing their systems, or even copy internal data themselves.
I don’t know how we change the insider problems without fundamental employer/employee cultural changes. I’m not confident those will change in the short term, and I suspect next year’s report might look similar to this one. I do know, however, that we can each to a better job by learning more about secure coding, secure installation, and encryption. Many of these topics aren’t that hard to understand or even implement, but they do require some practice to build habits and become comfortable with the technologies and processes.
Security is looking like a constant challenge for those of us working with technology for the foreseeable future. Learning more about how it works, and building the habits to implement it smoothly, in all our systems, or the challenge we should take on for ourselves.
The Voice of the DBA Podcasts
We publish three versions of the podcast each day for you to enjoy.