Beyond the Breach: Why Data Integrity Matters
In a previous article, I talked about the threats and risks due to loss of confidentiality through data breaches and what you as a business leader can do to minimize those risks.
The high-profile security events of the past year have been mainly centered on theft or unauthorized access of data, with data being held for ransom or sold to the highest bidder on the black market. Organizations must continue to focus on building strong defenses, but if finding protected data is the goal for attackers, organizations must also be aware of the threats associated with the second point of the security triad: integrity.
You may have the most current intrusion detection and prevention technology, but if your critical data is altered, and you have no way of knowing how, when and by whom changes were made, this may have a major impact on your reputation and ability to operate.
What is data integrity?
Data integrity concerns the validity and trustworthiness of the data; the accuracy and completeness of the information; and the methods used to process and manage it. Clean and complete data allows us to make intelligent business decisions. Bad and incomplete data can significantly reduce the success of organization.
But data integrity issues are not always easily detectable. As we have moved away from hard-copy record-keeping, detecting data manipulation becomes more difficult. If we don’t have appropriate controls in place to prevent changes to the records we rely on for both day-to-day operations and for compliance reporting, then we could be in serious trouble!
What are the consequences of altered data?
If you are a healthcare institution, any unauthorized changes to patient records could literally put the lives of patients at risk. Changes to diagnoses, medical history and medication records could be disastrous.
If you are a financial institution or a public company, even small, unauthorized changes in data could create major problems, especially if the data forms are part of a report to shareholders or filings with regulatory bodies.
For Catskill Hudson Bank in New York, network bandwidth and connectivity play a big role in keeping data intact. “Our ability to use myriad monitoring and security tools is only due to our IT infrastructure that is based on Time Warner Cable Business Class’ service,” says Kevin McLaren, the bank’s executive vice president. “Without that bandwidth and the connectivity, we would be unable to meet the ever-increasing demands for data security, which is of utmost importance to the bank, to our customers, and from a regulatory perspective.”
Think about the impact of human resources data and systems being compromised—unauthorized changes could seriously affect reorganizations, onboarding, talent movement, payroll updates and more.
If you are in the travel industry, ensuring the integrity of schedules, from traveler information to engine maintenance, is critical to operations—imagine the chaos that could ensue—and maintaining brand reputation.
How can data integrity be compromised?
It is important to be aware of the different ways data integrity can be compromised and what steps can be taken to reduce the risk, but and also to be able to recover, should a breach occur.
First, let’s look at the ways data integrity can be compromised:
- Technical causes: Hardware malfunction, hard drive crashes and software errors and bugs could corrupt data. Additionally, there are less obvious and therefore harder-to-detect problems that could occur with data transport. We assume that when we send data from one computer to another, the same message will appear at the other end—but a small change in the ones and zeros during transport could dramatically affect the integrity of the data.
- Natural causes: Disasters including fire and flood have the same impact of a hardware failure. If you do not have a plan for Business Continuity and Disaster Recovery, then your data and your business are seriously at risk.
- Malicious causes: When we think of data integrity breaches involving people, most of us will think about malicious or illegal activity where data is changed to “cook the books” or to defraud. We also need to think about malware that may lead to data integrity breaches, or, more commonly, may allow remote unauthorized access to make changes to data.
- Human errors: Simple data entry or data transposition errors can lead to major problems. Just think how an extra zero or a decimal point in the wrong place can affect your business. A lack of attention to detail and quality can result in data errors that have significant impact.
Now, let’s examine ways to minimize these threats to data integrity:
- Back up data regularly and have a strong data retention policy. If you have good, secure versions of your data, you can be certain that you’ll restore the correct backup version in the event of an alteration or system failure.
- Use error detection and correction software when transmitting data. This gives you a high level of confidence in the integrity of the data as it sent from one system to another.
- Design user interfaces that prevent the input of invalid data. Online forms that don’t allow the user to continue without key data fields being accurately entered will prevent “bad” data from being added.
- Control access to data via security mechanisms. Following the concept of “least privilege” prevents any or “write” access to data that employees or a malicious party should not need to see or change. This includes physical access to the systems where your critical data is kept.
- Deploy system- and network-based protection. Do you have adequate anti-malware and intrusion prevention solutions?
Ultimately, data integrity starts and ends with culture.
Organizations with a strong stance on data integrity typically have a culture that is committed to quality and compliance. This culture starts with the executive leadership and is reinforced by the “top-down” commitment to values, processes and clearly communicated management philosophies. In these organizations, everyone is held to the highest level of accountability with a zero-tolerance policy for fraud. Compliance and quality are prioritized above speed and cost.
These organizations provide training and awareness programs to teach staff how to manage data and recognize red flags. Incentive programs may also be a good way to challenge and encourage employees to focus on quality of work and data security. This also should be extended to all parts of the supply chain to ensure everyone understands the rules and why they are important.
In the next article, we will tackle the final part of the security triad: loss of availability. We’ll go over the threats to keeping your systems up and operational and what you can do to minimize the risk and the cost of downtime.