Ensure your email chain of custody against both outside and inside attacks
Maintaining a secure chain of custody of your email archives is an essential element of effective data governance. Chain of custody ensures that all archived data is handled properly at all times – that it’s strictly in the hands of those who are authorized to access it. If it falls into anyone else's hands, the chain of custody is broken, and cybercriminals can use it for all kinds of nightmare scenarios.
Nightmare #1: Held for Ransom
Last December, a chain of custody breach at the police department in Cockrell Hill, Texas, led to a costly ransomware attack. Because the files fell into unauthorized hands, it’s considered a break in the chain of custody.
According to local news reports, the attack occurred when someone in the department clicked on an email that appeared to be from a department-issued email address and carried a virus. All files on the server were corrupted. The town refused to pay the ransom and the department lost eight years of digital evidence.
Nightmare #2: Home Invasion
“Ransomware attacks weigh heavily on enterprise IT admins, and for good reason, but internal data theft deserves equal attention, if not more,” cautions Robert Douglas, president of PlanetMagpie IT Consulting in Fremont, Calif. He offers this scenario: An employee copies data from a company department’s archives takes it out of the office, then sells it to a competitor. This occurs much more often than people realize and costs businesses billions every year in lost intellectual property, costly recovery attempts and profits.
“Because the company didn't take the appropriate steps to protect its data, nobody knows this happened,” Douglas says. “The other entity could use the data for months or years without detection. You need appropriate data permissions and logging to safeguard against this threat.”
Nightmare #3: Being Exposed
HIPAA and HITECH set standards for data privacy and security provisions to safeguard medical records. Private information falling into unauthorized hands constitutes a breach in the chain of custody, and, for the violators, leads to stiff fines.
The U.S. Department of Health and Human Services maintains an online “Wall of Shame” that lists healthcare organizations that have experienced an unauthorized release of health information involving 500 or more individuals. According to the agency’s Office of Civil Rights, more than 113 million medical records were hacked in 2015. An October 2015 report from Accenture estimates that cyberattacks will cost healthcare systems $305 billion in revenue over the next five years.
Monitoring the chain of custody entails harnessing the right set of technologies to keep these cyber threats from keeping you up at night.