27 May 2016
Category: Claims
27 May 2016,

Data loss and data breach

According to the Ponemon Institute’s 2015 global breach survey, on a global basis the average cost of a breach was $3.8 million, with a cost of $154 per individual record lost or compromised. Small and large companies run the risk of a data breach. The implications can be grave. In its 2016 Data Protection and Breach Readiness Guide, Online Trust Alliance (OTA) outlined advice to help businesses optimize privacy and security practices to help reduce the risk of data loss.

Data loss and identity theft occur from an increasing level of deceptive practices. Social engineering, forged email, malvertising, phishing and fraudulent acquisition of Internet domains are rising, according to OTA. Because of this, OTA recommends businesses implement the following to protect data:

Encrypt data at rest and in transit

  1. Enforce effective password management policies
  2. Implement a Least Privilege User Access (LUA) security strategy
  3. Conduct regular security design and code reviews including penetration test and vulnerability scans
  4. Secure client devices by deploying multi-layered firewall
  5. Require email authentication on all inbound and outbound mail servers
  6. Implement a mobile device management program
  7. Monitor security in real-time
  8. Deploy web-application firewalls
  9. Permit only authorized wireless devices
  10. Implement Always On Secure Socket Layer
  11. Review server certificates and vulnerabilities
  12. Develop, test and continually refine data breach response plan
  13. Establish and manage vulnerability/threat intelligence reporting program

Copyright © 2004-2016 American Land Title Association. All rights reserved.

This article has been used and reprinted with the permission of The American Land Title Association.  The material is for general information purposes only and is not to be relied upon or used for any particular purpose. Title Industry Assurance Company, RRG and The American Land Title Association shall not be held responsible in any way for, and specifically disclaims any liability arising out of or in any way connected to, reliance on or use of any of the information contained or referenced in this article. The information contained or referenced in this article is not intended to constitute and should not be considered legal or professional advice, nor shall it serve as a substitute for the recipient obtaining such advice.

Comments are closed.