Explaining countermeasures and investigation methods to prevent retired employees from taking out information due to unauthorized access.
2023/ 11/ 16
Easy-to-understand explanation of how to report and respond in the event of a personal information leak
2023/ 11/ 16
We often see news reports of companies leaking (leaking) personal information, but all companies that handle customer information are at risk of personal information leaks. Once a personal information leak occurs, it can cause great damage to a company, so companies are required to take security measures for personal information in peacetime. This article provides a wide range of information, including the causes of personal information leaks and leaks, and the security measures that companies should take for personal information.
What is personal information and leakage/outflow of personal information in companies?
We will explain the definition of personal information and what kind of situations are leaked or leaked.
Definition and specific items of personal information
Personal information is information that can identify a specific individual, specifically name, date of birth, address, blood type, gender, occupation, telephone number, income, biometric information, credit card number, financial institution. information, and a PIN number.
What is personal information leakage?
Personal information leakage is when information is passed on to a third party against the intentions of the person holding the personal information or the person whose personal information falls under the category.Under the Personal Information Protection Act, "loss," in which data contents are lost, and "damage," in which data is changed in an unintentional manner, are collectively defined as "leakage, etc."
Main causes of leakage of personal information in companies
We will introduce the main causes of personal information leaks in companies, such as human error and external attacks.
Information leakage due to human error
- Email sent incorrectly or attachment error
Human error by employees, such as sending an email to the wrong person or attaching the wrong file, is one of the major causes of information leaks.
- Unnecessarily taking out or bringing in laptops and smartphones
Not only due to operational errors such as erroneous sending, but also due to unnecessary removal or bringing in of laptops and smartphones.
Human error, such as loss or theft, can also lead to personal information leaks.
Information leakage due to external attack
- Malware infection
Malware is a general term for malicious software created with the intention of performing unauthorized and harmful operations.There have been reports of cases in which personal information was leaked due to infection with a type of malware that sends internal information to an external party.
- Unauthorized access
Unauthorized access is a cyber attack that attempts to illegally connect to a computer that is not authorized to use it.Any attempt to illegally obtain access information such as login IDs and passwords is also classified as a cyber attack.
8 measures to prevent personal information leaks and outflows at companies
We will introduce eight specific measures to prevent the leakage and leakage of personal information.
Create a system to prevent email from being sent incorrectly
Take steps to raise the awareness of each employee, such as sharing examples of erroneous sending with employees.However, there are limits to simply ensuring that the recipient does not make a mistake.You can also consider using functions such as ``a function that alerts you to external addresses and new recipients'' and ``temporary hold and supervisor approval functions'' of tools to prevent mistaken email sending.
Establish rules for bringing in and out laptops and smartphones from work
The use of portable devices such as laptops and smartphones for work is on the rise in all companies, but when devices used for work are taken outside, there is a risk of personal information being leaked due to loss or theft.Establish rules for operations, such as prohibiting careless removal outside of normal business hours and limiting the devices that are allowed to be taken out.Solutions that allow you to erase information remotely are also effective.Additionally, prohibiting carry-on devices is a measure to prevent malware infection from private devices with low security levels.
Introduce EPP (antivirus function)/EDR and manage it appropriately
The most effective countermeasure against external attacks such as malware is to use EPP's antivirus function and EDR.Functionality varies depending on the product, such as detecting, identifying, deleting, and quarantining cyberattacks.Techniques are becoming more and more sophisticated, so be sure to keep up to date with the latest updates.
Manage IDs and passwords appropriately
Proper management of IDs and passwords is the basis of security.Don't share it with others, don't leave it where people can see it, and make sure it's not easily guessed and avoid reusing it.
Check your system for vulnerabilities
Once you have installed a security system, keep it up to date with updates and regularly collect information about the latest attacks.If a vulnerability is discovered, countermeasures such as system modification or introduction of a new solution will be required.
Do not leave personal information or devices unattended within the company or dispose of them easily.
Please manage your personal information carefully.Be conscious about your actions on a daily basis, such as locking your device when you leave your desk, shredding documents when destroying them, and using a specialized service to physically destroy your device or completely erase data. That is important.
Provide thorough security education to employees
In order to prevent the leakage of personal information, all employees who handle information must work together.Thoroughly provide security education to increase literacy, such as creating and implementing company rules and holding regular training sessions that include the use of e-learning.
Create a personal information leak prevention manual
Even if you raise your security awareness on a daily basis and act according to company rules, information leaks can still occur due to sophisticated external cyber attacks or human error.In such a case, it is a good idea to create a prevention manual that includes the initial response flow so that it can be shared immediately within the company and the damage can be minimized.
[Related article] What should be done to prevent information leakage?We also introduce the causes, cases, and how to deal with the leak
Forensic investigation is the countermeasure in the event of information leakage or outflow in a company.
In the event of an information leak, a company should conduct a “forensic investigation”.Let me know what kind of research you do.
What is a forensic investigation?
A field of forensic science that collects and analyzes information stored on digital devices to uncover evidence of crimes and wrongdoing.By investigating the cause, you can take measures to prevent it from happening again, and by clarifying who is responsible, you can prepare in case your company is sued.
FRONTEO's forensic investigation service using AI
The use of AI is now essential in modern forensic investigations that handle huge amounts of data.By training AI to judge criteria using a small number of sample files reviewed by experts, it is able to sort large amounts of data into those that are likely to be related and those that are not.The simple data sorting work that must be done at the beginning of an investigation can be done in a short time by a small number of people, which not only improves the efficiency of the investigation, but also improves accuracy by concentrating the resources of experts.
[Related article] What is an information leak investigation?Explanation of research methods, examples, and how to choose a research company
Forensic investigation example at FRONTEO
We would like to introduce an actual case study of a forensic investigation into personal information leakage conducted by FRONTEO.
Investigation case of personal information leakage due to malware infection
It was discovered that a company's PC was infected with malware, and personal information was suspected to have been leaked, so a forensic investigation was requested from FRONTEO, a specialized investigation company.We decided to identify the infection route and trace any traces of information leakage from the infected device.
We analyzed hundreds of devices using an analysis tool, visualized the attack route, and identified the victim devices.Furthermore, we conducted a survey targeting around 30 cyber black markets to see if leaked information was being bought and sold on the dark web.As a result of the investigation, we were able to not only identify the PC where the information leak occurred, but also that the information had been leaked to the dark web.
*Detailed survey content"Investigation of Personal Information Leakage due to Malware Infection"please look at
Forensic investigation when personal information leak occurs, contact FRONTEO
Since its founding in 2003, FRONTEO has been working to solve the problems of various companies as a pioneer of forensic investigations in Japan.We have an established reputation for our technology and know-how based on outstanding experience.
By utilizing our in-house developed AI engine, KIBIT, we have achieved significant labor savings and cost reductions during document reviews, and by combining our experience in dealing with projects with our in-house AI engine, we have achieved high accuracy and efficiency that cannot be achieved by other companies. We are realizing this.
We have data centers in Japan, North America, South Korea, and Taiwan, and we have a system that allows us to store data without taking it out of the country, and we have perfect security.We provide seamless services to our clients' headquarters, local subsidiaries, and law firms.Fast support with global operations.
