Is Your Data About To Be Hacked?

Anyone in the Data World thinks about it all the time but really doesn’t want to think about it as it can be a game changer look at loyalty build last year and the recent media around the Affairs site ”Ashley Madison” but here is a really good example of the implications of a hacking experiment: Two hobbyists, Charlie Miller and Chris Valise, made headlines in the US when they hacked into a Jeep Cherokee that was driving along a highway. They started with the radio and the temperature. Then they hit the brakes, bringing the car to a standstill. Of course, this was a controlled experiment, so no one was hurt. They did it to highlight potential security issues. But it’s easy to imagine a terrorist, a generic misanthrope, or just a bored prankster causing chaos by doing the same during the rush hour. This problem will only get worse the more we rely on technology. Two years ago, when Miller and Valise did a similar experiment, they had to physically connect their laptop to their victim’s car. Now they can take advantage of the wireless technology that comes as standard. (Ironically this wireless connection is designed to make it easier to diagnose faults.) And you don’t have to be paranoid to see this happening to other essential infrastructure, especially as we move from hard drives to cloud storage. The number of devices connected to the internet is expected to grow tenfold, from 2 billion to 25 billion, between 2010 and 2020. Both cases tie in with another major trend – online crime is rising fast. Banking fraud in the UK rose by nearly 50% last year. Not sure what the figure is for Ireland but in the UK Fraud related to credit cards now totals nearly £500m. At a recent data event I met a data scientist, Yes they do exist and he informed me that he estimates 20% to 25% of all on line clicks are fraudulent they are not accidental but intentional clicks to defraud the publisher. This is done through bots or programmatic programs to populate online forms or e – commerce checkout baskets. As a data collector we take this area seriously but not just around protecting the data from hackers we focus on Data Protection compliance and we focus on filtering out fraud clicks from converting to data registrations to ensure our data is of the highest possible standards. Here are just a few tick boxes to check: 1. Has your site an SSL cert 2. Have you applied inline real time validation to each filed of data you collect so you can identify fraud clicks at the point of entry and block the data source? 3. Has your Head of data or Data Protection Officer applied a data policing process? 4. Have you the required data processing agreements and data protection procedures in place to facilitate a data breach process occurring? 5. Are you signed up to the industry suppression files such as the MPS in Ireland managed by the IDMA? 6. Is your data and all touch points managed in an encrypted environment? Lets face it legislation has not as yet caught up with the hackers so it is really down to us as data harvesters to implement the proper controls to minimise the threat of a hacker and possible data breach. If you would like a chat about the procedures we have put in place at Dataxcel feel free to contact me on lorcan.lynch@dataxcel.ie or go to our web site www.dataxcel.ie We are more than happy to share our experiences with our industry colleagues.