What the Sony Hack Has Taught Companies About Security

By We Photo Booth You

Reach Laura @BizReviewAu

The breach of Sony Pictures Entertainment’s security in November is proving to be far more prolific than anyone—especially at Sony—could imagine. Besides the gossipy bits (there is no way Leonardo DiCaprio could be “despicable”, thank you very much) a lot of important, serious information was released to the public and could have far-reaching ramifications for years to come. Information security is no joke, especially when personal information, more along the lines of US Social Security numbers than how the CEO felt about Angelina Jolie, is on the line.

Contracts, termination dates, termination reasons, salaries, home addresses and contact information for the stars made it onto file-sharing networks.  The downfall? Information was stored in Microsoft Excel files without password protection. This should be a huge red flag for any company that stores customer and employee information on computers that are connected to the Internet—basically, all computers.

"This is a common theme of corporations today," Todd Feinman, Identity Finder CEO shared with CNET. "They think they are protected by firewalls and perimeter security, but the border is becoming blurred, and attacks get through."

Read related articles on Business Review Australia:
Three Reasons Why Cyber Security Should Be A Priority For Company Directors
Why Information Security Departments Are Under-Resourced
[Infographic] The History Of Email: From M.I.T. to 1bn Gmail Accounts

To make matters worse, multiple copies of data were found, meaning the Excel spreadsheets were saved more times than necessary, and dramatically increased the security risk of the company.

"When you have multiple copies of this data, you are giving hackers multiple opportunities to steal sensitive information when they get through," he said. "If Sony had reduced its sensitive data footprint by reducing the number of copies of data and reducing the number of employees with access to the data, we would have seen zero or only one file."

Although nothing is guaranteed safe as the border continues to be “blurred”, there are several ways to make it harder for potential hackers to get into your system. Perhaps the most basic lesson: Don’t store passwords in the same places as your password protected documents. Consider investing in password managing software or apps, and keep these databases on machines separate from ones containing the documents or programs that need the password. Another separation tip: keep financial and healthcare documents separate from other data.

If you still think these few tips aren’t enough, don’t hesitate to invest in security upfront. Sony will spend a hell of a lot more money at this stage of the game to clean up the mess than the company ever would have if they had paid for tighter security upfront. 


Featured Articles

Nirvik Singh, COO Grey Group on adding colour to campaigns

Nirvik Singh, Global COO and President International of Grey Group, cultivating culture and utilising AI to enhance rather than replace human creativity

How Longi became the world’s leading solar tech manufacturer

On a mission to accelerate the adoption of sustainable energy solutions, US$30 billion Chinese tech firm Longi is not just selling solar – but using it

How Samsung’s US$5billion sustainability plan is working out

Armed with an ambitious billion-dollar strategy, Samsung is on track to achieve net zero carbon emissions company-wide by 2050 – but challenges persist

UOB: making strides in sustainability across Southeast Asia


Huawei smartwatch goes for gold with Ultimate Edition


How IKEA India plans to double business, triple headcount

Corporate Finance