For ten weeks there has been
data breaches ranging from physical to malware to cyber. For week 11 this
breach happens from inside the company. Patient’s information was breached at
Children’s Medical Clinics of East Texas when an employee took unauthorized
screenshots of patient records (McGee, 2015).Not only do businesses have to
worry about outsider threats they have to worry about insider threats as well.
A former employee took
screenshots that were not authorized and sent them to a dissatisfied
employee. The employee also took home business documents and did not
return them (McGee, 2015).Children’s Medical Clinics of East Texas is not sure
what patients records were exposed. This breach could affect over 16,000
patients at the clinic. Children’s Medical Clinics of East Texas is providing
free credit monitoring to patients that ask for the service. Children’s Medical
Clinics of East Texas is conducting a strict internal audit and may possibly upgrade
security systems with guidance from Health and Human services (McGee, 2015).
Insider threats are just as
risky as outsider threats. Companies need to review how information is transferred
between businesses and how their employees handle information as well. If users
need to transfer documents the business needs to be able to track the
information. That also goes for USB access and file sharing websites.
Screenshots are useful for help desk technicians to solve problems and it would
be hard to block those altogether if they are used for other business functions.
The best thing a business can do is to mitigate
risk of information being taken.
References
McGee, M. (2015, November
11). Clinic Breach Involved Authorized User. Retrieved November 17, 2015, from
http://www.databreachtoday.com/clinic-breach-involved-authorized-user-a-8677
No comments:
Post a Comment