Given the amount of intellectual property and data theft occurring recently, a lot of questions have been raised regarding the security models that most companies have been using for the past decade.
The Trend That Portends
Analysts of both data and intellectual property theft have noticed that the criminals trying to steal information are no longer just looking for credit card and social security numbers. Instead, they are often stealing information to utilize it or have others utilize it to gain competitive advantage in legitimate businesses.
Because their strategy has changed, it means that company owners and management should take a hard look at where they are keeping their intellectual property data and take appropriate steps. It actually has become the case that hundreds of firms, both large and small have moved their data storage offsite to data center facilities to take advantage of the sophisticated security and lower cost hardware maintenance. And while even data centers have been breached by hackers, most would point out that if criminals can somehow manage to pull off a data heist at a provider, think about what they would do to your firm if they targeted it. The odds of a successful breach go down significantly at an enterprise level data center.
Patent Trolls Under The Bridge
A California vintner would agree. After developing a revolutionary new wine type and filing for patent protection, a group of patent trolls learned of the process via the press release. Within a short amount of time, the vintner’s company internet connection was hacked at the router level at public research facilities, giving the trolls control of all e-mail and online passwords. The vintner also later learned that their offices were bugged and their phone conversations tapped. Investors in the vintner’s firm called to make the vintner aware that a ‘group’ of men were searching the world to find where their patent was filed. Were the trolls able to get control of the process information beyond what was published so that they could attack the patent and reverse engineer their own formula? Not as of right now. The vintner was smart to file the patent in an undisclosed country, forcing competitors to search the entire world to find their data. Similarly, the group of competitors was exposed as being criminal by the investors, making it difficult for them to pull off their attempted heist. Although the vintner’s e-mail and online passwords were compromised, their data center solutions that were employed allowed them to store their wine process documents at the data center in an encrypted format that was never breached.
Now 2.0: Even The Best Are Getting Rolled
Tasked with ensuring that all members and former members of the United States military had both a secure and very functional digital health record experience, the California company working on the project spent years and millions of government dollars to create a system that worked well. The built-in security and data integrity checks meant that there was no possible way for unauthorized personnel to breach the system. Everything went smoothly until 2011, when a trend towards boutique data theft caught them flat-footed. An employee left the backup tapes for the entire project in a car in Texas. Predictably, the tapes were stolen and now every member and former member of the military potentially have their entire medical history exposed to criminals- while the company is out the intellectual property it developed in the form of supposedly unbreakable encryption.
Staying Ahead Of Those At The Walls
A look at the commonalities in terms of type of attack that many firms are experiencing shows that thieves are targeting mobile users with actual data carried on them much more often than companies would surmise. Everything from phone prototypes to movie copies have been taken. Therefore, in addition to considering storing data offsite at a data center, firms should also consider limiting access offsite to products and services that are still in development.