Macy’s reported an unauthorized data breach, including customer’s financial information due to an unauthorized third-party installing code to its macys.com website to capture checkout and wallet information. These types of acts can remain undetected for long periods and return troves of data for thieves to mine and sell.
Inserting an unauthorized application within the data workflow has become a widespread exploit for servers and point of sale devices. Hy-Vee, Huddle House, DiscountMugs.com, Checkers, OXO, Graeters Ice Cream, and the Atlanta Hawks are just a few recent examples of this exploit.
Regardless of the type of data and the unique workflows data may have, companies should aim toward a data workflow where data is always protected. A persistent data protection solution that protects data at rest, in transit, and in use. The protection should expand to include access control for users, devices, and applications. Proper application access control can prevent the type of data loss seen at Macy’s.
Application access control would enable companies to determine which applications have access to protected data and which do not. Administrators could enforce that protected PDF files can only be viewed by Adobe Acrobat. Eliminating the risk of employees using PDF to Word converters downloaded off the Internet, which are known to have malware and send copies of data to third parties.
SecureCircle’s Data Access Security Broker (DASB) eliminates attacks via unauthorized applications by delivering data-centric access control. Data remains persistently protected without impacting applications, workflow, or end-user experience.
With SecureCircle, protected files are never decrypted even in use. Users can utilize Save-As, and derivative works will also be protected automatically. Administrators control access policies for applications, devices, and users without permissions that can change at any time.
With SecureCircle’s DASB, organizations can eliminate unauthorized application threats.