In the constantly revolving internet technology world that seemingly is getting faster and smarter, data breaches remain a nagging thorn in the side. Despite new advances in antivirus technology, device protection is more essential than ever.
Each year, IBM Security teams with the Ponemon Institute to determine the global cost of data breaches. The 2018 Cost of Data Breach Study: Global Overview
– based on interviews with more than 2,200 IT, data protection, and compliance professionals from 477 companies that have experienced an intrusion over the past 12 months – made perfectly clear that the information technology nemesis isn’t letting up.
The study found that the average total cost of a data breach, the average cost for each lost or stolen record (per capita cost), and the average size of breaches have each increased beyond that reported in 2017. Specifically:
- The average total cost rose from $3.62 to $3.86 million, an increase of 6.4 percent
- The average cost for each lost record rose from $141 to $148, an increase of 4.8 percent
- The average size of the data breaches in this research increased by 2.2 percent
The cost of data breaches is down from $4 million reported in 2013 but the increase over 2017 is reason for concern.
Data breaches are the most costly in the United States and the Middle East and least costly in Brazil and India, according to the study released in July 2018. The average total cost in the United States was $7.91 million and $5.31 million in the Middle East. The highest average per capita costs were $233 in the United States and $202 in Canada.
Forty-eight percent of all breaches identified in the study were caused by malicious or criminal attacks. Such attacks were more difficult to identify and contain compared to breaches caused by human error.
The study showed also that the faster a breach is identified the lower the average cost per record.
Companies that identified a breach in less than 100 days saved more than $1 million as compared to those that took more than 100 days. Similarly, companies that contained a breach in less than 30 days saved over $1 million as compared to those that took more than 30 days to resolve.
Three questions to assess security of multifamily data
Avoiding a breach, according to some experts, in nearly impossible. A cellphone hack can happen without the user’s knowledge. Accessing company information from a non-company device can be an open invitation for hackers to get their hands on sensitive data.
“In the modern world, a company lives by its data,” says Rusty Franks, RealPage Solutions Architect. “Even if you are a manufacturing or construction company, all of your inventory systems are digital, your payment process, quoting, your ordering, your delivery, everything is data. Imagine if you lost every Excel and Word document across business functions in your company. Would you be able to function? Probably not. It’s those simple Excel and Word documents that you want to keep protected.”
Franks, who works with multifamily companies to provide safe haven for their data, says every business should ask three questions about their IT-related safety and security:
1. Is every device that accesses your company data fully patched and up to date?
2. Does every device have up to date antivirus protection, and
3. Are all user accounts secure from hacking attempts?
He believes 95 percent of companies answering those questions wouldn’t be able to say yes. While securing information technology on any scale isn’t easy, it has to include 100 percent coverage to be effective.
“It’s all or nothing,” Franks said. “If you have 6,000 devices and 5,999 are secured, patched and covered, all it takes is that one.”
Inadvertently losing control of multifamily data security
Recent international hacking incidents have raised awareness about the impact of a security breach.
Franks says that any device that accesses company data should have updated antivirus protection as well as sound identity and access management policies. Companies and their staff share information publicly to some who may not have protection. Also, properties will entrust employees to bring their own devices into the network unbeknownst to the risk. Every time an unprotected device accesses data at the corporate level the business is put at risk.
The need for proper protection has become more critical because it’s easier to purchase devices just about anywhere. It’s easy to string together an IT network of varying types of devices in a matter of hours from multiple sources. Over time, the network becomes difficult to manage.
“What they don’t realize is that these properties are accessing company data, they have access to the files,” Franks said. “Even though the properties are separate from the corporate office, they still access the business resources and put them at risk.”
RealPage Senior Vice President Chris Cranfill has seen first-hand how multifamily companies inadvertently lose control of their IT security because of lack of attention at the on-site level. Outsourcing to a managed IT provider can help.
“You need to have a trusted source that can do this for you,” he said. “If you keep doing point of purchase then you’ll continue with this hodge-podge network that will perpetuate the problem, and a lot of these folks do that. They let the properties do their own purchasing, let them buy their own machines and it becomes a nightmare.”
Providing antivirus and security protection with outsourced IT services
RealPage, Inc., is working with multifamily clients to provide antivirus and security protection while supporting Microsoft’s M365 and Enterprise Mobility + Security solutions with comprehensive, cost-effective outsourced IT solutions.
One way devices are being protected is through a mobile app that provides a security code when accessing a username and password.
“Even if someone gets to your password they don’t have that code and your account is still secure,” Franks said. “You have security code from your phone, similar if you log into your bank they will text you a code.”
While intentions may be innocent, accessing business data has become a chancy proposition. Multifamily companies can benefit significantly by putting all the protections in place to avoid a data breach that could devastate their bottom line. A great way to do this is through outsourcing IT to a trusted partner with proven expertise.
After all, says Franks, the world is not slowing down for anyone.