What the Sony Hack Has Taught Companies About Security

By We Photo Booth You

Reach Laura @BizReviewAu

The breach of Sony Pictures Entertainment’s security in November is proving to be far more prolific than anyone—especially at Sony—could imagine. Besides the gossipy bits (there is no way Leonardo DiCaprio could be “despicable”, thank you very much) a lot of important, serious information was released to the public and could have far-reaching ramifications for years to come. Information security is no joke, especially when personal information, more along the lines of US Social Security numbers than how the CEO felt about Angelina Jolie, is on the line.

Contracts, termination dates, termination reasons, salaries, home addresses and contact information for the stars made it onto file-sharing networks.  The downfall? Information was stored in Microsoft Excel files without password protection. This should be a huge red flag for any company that stores customer and employee information on computers that are connected to the Internet—basically, all computers.

"This is a common theme of corporations today," Todd Feinman, Identity Finder CEO shared with CNET. "They think they are protected by firewalls and perimeter security, but the border is becoming blurred, and attacks get through."

Read related articles on Business Review Australia:
Three Reasons Why Cyber Security Should Be A Priority For Company Directors
Why Information Security Departments Are Under-Resourced
[Infographic] The History Of Email: From M.I.T. to 1bn Gmail Accounts

To make matters worse, multiple copies of data were found, meaning the Excel spreadsheets were saved more times than necessary, and dramatically increased the security risk of the company.

"When you have multiple copies of this data, you are giving hackers multiple opportunities to steal sensitive information when they get through," he said. "If Sony had reduced its sensitive data footprint by reducing the number of copies of data and reducing the number of employees with access to the data, we would have seen zero or only one file."

Although nothing is guaranteed safe as the border continues to be “blurred”, there are several ways to make it harder for potential hackers to get into your system. Perhaps the most basic lesson: Don’t store passwords in the same places as your password protected documents. Consider investing in password managing software or apps, and keep these databases on machines separate from ones containing the documents or programs that need the password. Another separation tip: keep financial and healthcare documents separate from other data.

If you still think these few tips aren’t enough, don’t hesitate to invest in security upfront. Sony will spend a hell of a lot more money at this stage of the game to clean up the mess than the company ever would have if they had paid for tighter security upfront. 

Share

Featured Articles

The world’s biggest chipmaker bets big on renewable energy

Despite the struggle faced by chipmakers to reduce emissions, Taiwan Semiconductor Manufacturing is accelerating renewable energy adoption by 10 years

Uniqlo shakes up leadership amid global retail ambitions

Fast Retailing, the group behind Japan’s Uniqlo, overtakes Gap with soaring profits and is now eyeing accelerated global expansion with executive shakeup

What is the ESG strategy of Chinese automaker Geely Holding?

Chinese automotive giant Geely Holding released its 2022 sustainability report, so what is the car maker’s ESG strategy?

Top 10 best-performing CEOs in Singapore

Leadership & Strategy

Top 10 women behind India’s most successful tech startups

Leadership & Strategy

Top 10 best private members clubs in Singapore and Hong Kong

Leadership & Strategy