We often read about leaks of personal information in the news, and every company that handles customer information is at risk of such a leak. Once a leak of personal information occurs, it can cause serious damage to a company, so companies are required to take security measures to protect personal information even in ordinary times. This article covers the causes of personal information leaks and outflows, as well as the security measures companies should take to protect personal information.
This article explains the definition of personal information and the conditions under which an event is defined as a leak or outflow of personal information.
Personal information is information that can identify a specific individual, including name, date of birth, address, blood type, gender, occupation, telephone number, income, biometric information, credit card number, financial institution information, and PIN.
A personal data breach occurs when information is given to a third party against the intention of the person who holds the personal data or the person to whom the personal data pertains. Under the Personal Information Protection Law, the collective term "leakage, etc." also covers "loss" of data content and "damage," meaning unintentional alteration of data.
The following are the main causes of personal information leaks in companies, including human error and external attacks.
The following are eight concrete measures to prevent leakage and outflow of personal information.
Take steps to raise the awareness of each and every employee, such as sharing examples of misdirected e-mails with employees. However, there is a limit to what simply taking care not to get the recipient wrong can achieve. You can also consider using the functions of e-mail misdelivery prevention tools, such as "alerts for out-of-office addresses or new destinations," "temporary suspension," or "supervisor approval."
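The three tool functions named above can be combined into one outbound check. The following is an added example, not code from any particular product; it assumes that an "out-of-office address" means an address outside the company's own mail domains, and the `Policy` fields, the five-minute hold and the attachment rule are hypothetical choices.

```python
from dataclasses import dataclass, field

# Actions ordered from least to most restrictive; the strictest one wins.
ACTIONS = ["send", "alert", "hold", "approval"]

@dataclass
class Policy:
    internal_domains: set                 # assumption: the company's own domains
    known_recipients: set = field(default_factory=set)  # addresses mailed before
    hold_seconds: int = 300               # assumption: length of temporary hold

def _domain(addr):
    return addr.rsplit("@", 1)[-1]

def evaluate(policy, recipients, has_attachment):
    """Return (action, reasons) for one outbound message."""
    action, reasons = "send", []

    def raise_to(new, why):
        nonlocal action
        reasons.append(why)
        if ACTIONS.index(new) > ACTIONS.index(action):
            action = new

    for raw in recipients:
        addr = raw.strip().lower()        # compare addresses case-insensitively
        external = _domain(addr) not in policy.internal_domains
        new_dest = addr not in policy.known_recipients
        if external:
            raise_to("alert", f"{addr}: outside the company")
        if new_dest:
            raise_to("hold", f"{addr}: new destination, hold {policy.hold_seconds}s")
        # Hypothetical rule: a file going to a never-seen external address
        # needs a supervisor to release it.
        if external and new_dest and has_attachment:
            raise_to("approval", f"{addr}: attachment to new external address")
    return action, reasons

# Constructed sample policy (example domains, not real data).
DEMO_POLICY = Policy(
    internal_domains={"example.co.jp"},
    known_recipients={"tanaka@example.co.jp", "buyer@partner.example"},
)

if __name__ == "__main__":
    print(evaluate(DEMO_POLICY, ["stranger@other.example"], True))
```

Returning the reasons alongside the action lets the mail client show the sender exactly which recipient triggered the alert or hold.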
While all companies are increasingly using portable devices such as laptops and smartphones for work, there is a risk of personal information leakage due to loss or theft if the devices used for work are taken outside of the company. It is advisable to establish rules for operations, such as prohibiting unintentional removal of devices outside the normal scope of business and limiting the number of devices allowed to be taken out of the office. Solutions that can erase information remotely are also effective. Prohibiting employees from bringing their own devices into the office is also a measure to prevent malware infection from private devices with a low level of security.
The most effective countermeasure against external attacks such as malware is the use of the anti-virus function of an EPP (endpoint protection platform) together with EDR (endpoint detection and response). Functions such as detection, identification, removal, and quarantine of cyber attacks vary from product to product. Since attack methods are becoming more and more sophisticated, be sure to keep your system up to date.
Proper management of IDs and passwords is the foundation of security. Do not tell your ID and password to others, do not leave them in plain sight, and make sure that they are not easily guessed.
Once you have a security system in place, keep it up-to-date with updates, but also gather information about the latest attacks on a regular basis. In the unlikely event that a vulnerability is discovered, measures such as system modifications or the introduction of a new solution should be taken.
Strictly manage personal information. Lock devices when leaving the office, shred documents when destroying them, and erase data by either physically destroying the device or using a professional service that erases the data completely.
Preventing the leakage of personal information requires a concerted effort by all employees who handle the information. Thoroughly educate employees on security to increase literacy by creating and implementing company rules and conducting regular training, including the use of e-learning programs.
Even if you are constantly raising security awareness and following company rules, information leaks can still occur due to sophisticated cyber attacks from outside or human error. In such cases, it is a good idea to create a prevention manual that includes an initial response flow so that it can be immediately shared within the company to minimize the damage.
→ [Related Article] What should be done to prevent information leaks? Introducing causes, case studies, and measures to take after a leak.
When an information leak has occurred, a company should conduct a "forensic investigation." This section introduces what kind of investigation it is.
A forensic investigation is a field of forensic science that collects and analyzes information stored on digital devices to reveal evidence of criminal or fraudulent activity. By determining the cause of the incident, measures can be taken to prevent its recurrence, and by identifying the responsible party, the company can prepare for a lawsuit in which that responsibility will be questioned.
The use of AI is now essential in modern forensic investigations that deal with enormous amounts of data. By having AI learn decision criteria from a small number of sample files that have been reviewed by experts, large volumes of data can be sorted into potentially relevant and irrelevant categories. The simple data sorting work that must be done at the beginning of an investigation can be done in a short time by a small number of people, which not only improves the efficiency of the investigation, but also improves its accuracy by concentrating the resources of experts.
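The sorting step described above can be sketched with a small text classifier. This is an added example, not FRONTEO's AI engine or code from the original article: it swaps in a plain multinomial naive Bayes model, and the reviewed and unreviewed documents are constructed sample data.

```python
import math
import re
from collections import Counter

def tokens(text):
    return re.findall(r"[a-z0-9]+", text.lower())

def train(labelled):
    """labelled: (text, is_relevant) pairs already reviewed by an expert.
    Assumes at least one relevant and one irrelevant sample."""
    counts = {True: Counter(), False: Counter()}
    docs = Counter()
    for text, label in labelled:
        counts[label].update(tokens(text))
        docs[label] += 1
    vocab = set(counts[True]) | set(counts[False])
    return counts, docs, vocab

def relevance_score(model, text):
    """Log-odds that text is relevant (naive Bayes, add-one smoothing)."""
    counts, docs, vocab = model
    n_rel, n_irr = sum(counts[True].values()), sum(counts[False].values())
    score = math.log(docs[True] / docs[False])
    for tok in tokens(text):
        if tok not in vocab:
            continue  # words absent from the expert sample carry no evidence
        p_rel = (counts[True][tok] + 1) / (n_rel + len(vocab))
        p_irr = (counts[False][tok] + 1) / (n_irr + len(vocab))
        score += math.log(p_rel / p_irr)
    return score

def triage(model, corpus):
    """Order unreviewed documents so the likeliest-relevant come first."""
    return sorted(corpus, key=lambda d: relevance_score(model, d), reverse=True)

# Constructed sample data: four expert-reviewed files, three unreviewed ones.
REVIEWED = [
    ("customer list exported to usb drive before resignation", True),
    ("sent customer address list to personal webmail account", True),
    ("lunch menu for the cafeteria next week", False),
    ("meeting room booking for the quarterly sales review", False),
]
UNREVIEWED = [
    "cafeteria closed next week",
    "copied customer list to personal usb drive",
    "sales review moved to meeting room b",
]
MODEL = train(REVIEWED)
```

Calling `triage(MODEL, UNREVIEWED)` puts the USB-copy document at the top of the queue, so reviewers read the likeliest-relevant files first.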
→ What is an information leak investigation? Explanation of investigation methods, examples, and how to choose an investigation company
The following are actual examples of forensic investigations conducted by FRONTEO regarding personal information leaks.
A company's PCs were found to be infected with malware, and there were suspicions that personal information had been leaked, so FRONTEO, a specialized investigation company, was asked to conduct a forensic investigation to identify the infection route and to trace evidence of information leakage from the infected terminal.
Several hundred terminals were analyzed with analysis tools to visualize the attack route and identify the affected terminals. In addition, we surveyed fewer than 30 cyber black markets to determine whether the leaked information was being traded on the dark web. As a result of the investigation, we were able to identify not only the PCs on which the information leak had occurred, but also the fact that the information had been leaked to the dark web.
*For details of the investigation, please refer to "Investigation of Personal Information Leakage Due to Malware Infection."
FRONTEO has been a pioneer in forensic investigation in Japan since its establishment in 2003, and has worked to solve a wide variety of corporate issues. We have an established reputation for our technology and know-how based on our outstanding experience.
By combining our experience in handling cases with our own AI engine, we have achieved a high level of accuracy and efficiency that no other company can match.
We have data centers in Japan and South Korea, and we have full security measures in place. We seamlessly provide services to our clients' headquarters, local subsidiaries, and law firms. We provide prompt support through our global operations.