Data loss is on the steady rise among private companies and public organizations alike, creating a dire risk for companies during the coronavirus crisis.
This is according to a new data trends report by cybersecurity solutions firm Digital Guardian, which revealed that hundreds of terabytes of potentially sensitive corporate data might be at risk due to being stored in employee homes on USB drives.
The report, which strove to assess the risk of sensitive data loss during the coronavirus crisis, covered organizations across a range of sectors, including financial services, business services, manufacturing and healthcare, among others.
Among its findings, Digital Guardian showed that employees have been copying company data onto USB drives more than twice as often as they’d done prior to the outbreak of the coronavirus pandemic in March, with a majority of that data being classified. Also noteworthy is that data egress though email, USB, and cloud services were similarly found to have surged during the pandemic, with much of that data also being classified. To top things off, sizeable increases in malicious activity on both corporate networks and servers, and in incident-response investigations, were uncovered by the report.
“Organizations have accepted that the economic and health effects of COVID-19 will be with them for the foreseeable future and working from home will remain a requirement for many of their employees,” explained the group’s vice president for cybersecurity Tim Bandos. “Our research indicates remote employees are egressing classified data at unprecedented rates across all egress paths.
“Executives and security teams would be wise to consider implementing solutions that provide visibility into this behavior, and a means to control it, in order to avoid a potential data breach,” he added.
A deluge of data loss: Digital Guardian’s key findings
According to the report, which aggregated and anonymized data from almost 200 global clients of its Managed Security Program, data loss—whether negligent or malicious—is a growing problem for organizations and aggravated by the coronavirus crisis.
The major increase of 123% in the volume of data downloaded to USB devices by employees since coronavirus was declared a pandemic on March 11, for example, serves to underscore the stakes with respect to data loss. Taken in combination with the fact that 74% of such data was found to be classified according to organization data governance policies, the risk of malicious expropriation or negligent data loss appears greater than ever before.
Additionally, the researchers found that cloud storage and USB devices had become the most preferred egress paths since March 11, accounting for a large part (89%) of all data egressed. Data egress via all paths, the researchers added, which includes via email and other means, was 80% higher in the first month following WHO’s pandemic declaration. Interestingly, over 50% of the data egressed was classified, the report found, fueling further concern about the potential for trouble.
The sheer magnitude of information in question further stokes fears about potential data loss. According to the report, for example, from March 11 to April 15, employees uploaded 336 terabytes of data onto the cloud, marking an 72% increase from the months of January and February combined.
To add fuel to the flame, existing fears around the hazards of data loss were also largely confirmed by the Digital Guardian data. According to the group’s managed detection response analysts, a 62% increase in malicious activity from external attackers was detected subsequent to the coronavirus pandemic declaration—a figure that corresponded to a 54% increase in incident response investigations required.
New risks bring new advice in the coronavirus era
The report was also released alongside a primer on data security enforcement actions, which gave actionable advice to business leaders with respect to preventing sensitive data loss in the age of the coronavirus.
According to the researchers, these steps include making sure that files and emails are encrypted, quarantined and, if moved onto a USB drive, then also sent to a central server for later analysis, a process known as shadowing.
The researchers also suggest adding warnings to employees, adding or modifying a file’s digital rights management, and modifying file permissions as additional protective steps.
“In times of economic uncertainty, employees tend to protect what they believe is theirs, and attempt to take sensitive data prior to being possibly laid off,” explained Bandos with respect to preventing sensitive data loss.
“That is the type of behavior our research is indicating and in some cases has proven to be true. We don’t see a lot of the data going to the Dark Web. We see employees that worked on projects and think the data belongs to them,” he added.