Over the past few years, businesses have experienced more high-profile attacks than usual, likely due to cybercriminals using more advanced tactics to carry out data breaches.
With the rise in data breaches and security incidents, organizations should implement processes to ensure security standards are met company-wide. Doing so can strengthen an organization’s security posture and, most importantly, prevent a data breach.
In this article, we will identify data breaches caused by unsecured endpoints and the precautions you can take to prevent a data breach.
Mobile Devices are Often Overlooked
Mobile devices are frequently overlooked and excluded from security conversations, even though they store just as much sensitive information as laptops and desktops.
Mobile devices make up 60% of an organization’s endpoints and can access more than 11 million company files.
More than 40% of data breaches trace back to unsecured endpoints. Unsecured endpoints—such as smartphones, tablets, or laptops—can serve as an access point for hackers attempting to initiate an attack within a company’s network, such as mobile ransomware and operating system (OS) exploitation.
Company-owned mobile devices access valuable corporate data on a daily basis and must be secured to prevent a data breach.
Examples of Data Breaches Caused by Unsecured Endpoints
In 2022, 22 billion records were exposed due to data breaches.
Corporate-owned IT assets are some of the least regulated tools employees use. Mobile devices can put customers and entire corporations at risk when left unsecured.
Here are a few data breaches caused by unsecured endpoints that left rippling effects:
Heathrow Airport experienced a serious data leak due to an employee losing a company USB memory stick. The flash drive contained more than 1,000 unencrypted files and was not password protected.
The compromised information on the device included a training video exposing ten people’s birth dates, names, and passport numbers. Although a civilian eventually found the flash drive, the company still faced serious fines.
The Information Commissioner’s Office in Europe discovered that only 2% of the airport’s 6,500-member workforce had been trained in data protection.
The company couldn’t have prevented the employee from losing the flash drive, but the data on the device could’ve been protected with encryption measures. Additionally, if the data was encrypted, the company’s IT team could have taken remote data destruction measures to prevent non-personnel from accessing or viewing sensitive corporate files.
Elekta, a Swedish company that coordinates radiation therapy services and provides data equipment related to those services, experienced a data breach in 2021, affecting the health records of almost 200 patients.
Hackers targeted Elekta’s cloud-based platform, and since Elekta failed to maintain adequate security measures and procedures, they were able to access the platform for almost three weeks. Elekta learned of the data breach when hackers initiated a mobile ransomware attack on one of their devices.
Since Elekta is a third-party company many US healthcare providers use for radiation services, some of Elekta’s partners—like Northwestern Memorial HealthCare—felt the rippling effects of the data breach due to connected systems. Since Elekta has connected systems with some of its partners, the extent of the data breach remains unclear.
This data breach could have been prevented by performing backups and implementing multi-factor authentication (MFA) on corporate-issued equipment.
Backing up data is an essential part of securing endpoints. Performing regular backups on active corporate-issued devices reduces the possibility of data loss or theft from a cybercriminal.
Implementing MFA makes it more difficult for hackers to access an organization’s database. MFA requires additional credentials from users accessing company platforms, adding an extra layer of protection for endpoints while minimizing the possibility of unauthorized access.
National Archives and Records Administration
The National Archives and Records Administration (NARA) experienced a serious data security incident affecting the personally identifiable information (PII) of millions of veterans.
The year before the incident, the hard drive was deemed defective and returned to the contractor who sold it to NARA for repair. When the contractor—Government Micro Resources Inc (GMRI)—couldn’t fix it, NARA sent the device to another vendor to be recycled without checking the hard drive’s contents and destroying the data on it.
The data breach put millions of veterans at risk of identity theft, as the hard drive stored data related to the eVetRecs, a system veterans used to request copies of their health records and discharge papers.
This incident emphasizes the importance of keeping endpoints secured. When the hard drive was deemed unrepairable, NARA’s IT manager let it sit unencrypted in his safe. When devices sit idly in drawers or IT closets, they put an organization at risk for OS exploitation.
The device being sent to another vendor for recycling without destroying the data on it shows that the employees accessing the hard drive did not follow any security protocol, which is why establishing company procedures for handling IT equipment is essential.
Aside from implementing a policy to set security expectations, NARA should have purged the data on the hard drive following the NIST 800-88 data destruction standard.
The Repercussions a Company can Face
Cyber security incidents leave long-lasting effects and can significantly damage brand reputation, which can change how organizations conduct business.
The repercussions of a data breach can be astronomical. Here are a few repercussions a company can face after experiencing a data breach:
- Customers with exposed records can initiate a lawsuit against organizations that didn’t take the proper precautions to protect their information.
- If a company waits to disclose a data breach, it can face repercussions from corporate regulations due to strict disclosure laws.
- Depending on what a hacker targets, companies can experience a loss of intellectual property, such as designs and business strategies.
Failing to take the right steps to prevent a data breach could put you in a situation where you don’t have the time, money, or resources to recover. Here are a few standard operating procedures and processes companies should have in place to ensure data security for unsecured endpoints:
- Utilize a UEM platform, so if an endpoint is lost or stolen, the device can be remotely wiped, and corporate data isn’t exposed.
- Document the device serial number and enable “find my device” or other device-tracking features to locate idle, lost, or stolen endpoints.
- Recover all corporate-owned IT assets before redeploying, reselling, or recycling them.
Ensuring Data Security Through IT Asset Recovery With Mobile reCell
Any endpoint connected to your network could be the reason your company faces a breach.
Corporate data is invaluable, and every unrecovered device poses a serious data risk for your organization.
One of the most effective steps in mitigating a corporate data breach is to recover all corporate-owned IT assets. We help organizations ensure data security by setting up IT asset recovery programs and recovering their corporate-owned IT assets.
Mobile reCell provides the go-to solution for corporate-owned IT asset recovery and uses the highest security level of data destruction based on the device’s data state.
Implementing a successful IT asset recovery program and mobile device policy ensures data security and mitigates threats to your company, employees, partners, and customers.
Need help establishing an IT asset recovery program or securing exposed endpoints? Chat with us.