X

Client Support

Remote Support

Windows Windows Apple Apple
Already a client, or need further help? Contact Epic IT support.
08 9228 2945
Data Breach Security

Stop data breach, the Epic way

Our Solutions / Data Breach Security

Protecting against data breach.

Our ES data breach security plans are built upon the Microsoft Office 365 and Azure platform and are fully managed by our security team. Protecting you against data breach, our plans will mitigate many common security risks associated with email systems and sharing of data.

The security plans will also help your organisation become more compliant and equipped for the NBD legislation. A legislation that affects many Australian organisations.

Some background about data breach.

Each organisation has the critical responsibility to protect their own corporate data containing sensitive personal information. In doing so they must also protect the handling of their customer and partner data.

Personal information (PI) is information about an identified individual, or an individual who is reasonably identifiable. Information that is not about an individual on its own may become PI when it is combined with other information resulting in an individual becoming ‘reasonably identifiable’.

A data breach constitutes personal information that an entity holds being subject to unauthorised access or disclosure, or even data loss. It may be caused by malicious action, human error, or a failure in information handling or security systems.

Cyber attacks behind most reported data breaches.

According to the Office of the Australian Information Commissioner (OAIC), in Q3 of 2018, over half of data breaches reported were a result of malicious cyber attacks. Results below.

Human error

Malicious attacks

System faults

What constitutes a malicious attack?

A malicious or criminal attack deliberately crafted to exploit known vulnerabilities for some kind of gain be it financial or other. So unlike human error and system faults, a malicious cyber attack is an intended action to create a data breach situation.

Email phishing

Phishing attacks accounted for over 50% of malicious attacks. Involved users being tricked into disclosing sensitive information such as usernames, passwords and credit card details by cleverly disguised emails posing as trustworthy entities.

Malware

Short for “Malicious Software”, malware are small computer programs design to infiltrate your computer system. Malware is a term commonly used to group these programs such as (but not limited to) viruses, spyware, worms, trojans etc.

Ransomware

A form of malware that will block access or threatens information disclosure if a ransom is not paid. Generally associated with the common crypto locker cyber attacks which have become all too common with victims frequently featured in the media.

Brute-force attack

One of the most common methods to gain access to anything that is password protected such as an email or cloud account by using various combinations of usernames and passwords until successful.

Social engineering

A more modern attack vector relying on human interaction and often involves manipulating and tricking people into breaking normal security practices in order to gain access to systems.

Rogue employee

Current or ex-staff member failing to comply with organisation rules and policies. The rogue worker might cause malicious damage such as mass file deletion or corruption to the ICT system.

What is human error?

Human error is when no malicious component is present, and the breach is a direct result of an accidental human mistake from staff, weak processes etc. Some of these breaches may include:

Unauthorised disclosure

When data containing private information is disclosed to the incorrect recipient by error or incorrect process. Such as unknowingly emailing sensitive PI such as TFN or credit card details.

Failure to use BCC

Common error when emailing large groups of recipients when the blind carbon copy (BCC) is not used, revealing personal email addresses and names to the entire group.

Incorrect recipient

Accidental disclosure by addressing an email or letter containing sensitive PI to the incorrect recipient that is not authorised to view that information.

Loss of data

Human error when data is lost through accidental deletion or data being left in an unauthorised environment for others to see or access.

Protecting against common data breach threats.

Our ES data breach solutions will mitigate various malicious and human threats and even cover some system error aspects. By blocking, alerting or warning both the user and our security team of these threats in real-time, your organisation has a much better chance at reducing its data breach risk.

The system is fully managed by our security team and the customer will receive interactive reporting straight to their device.


ready to start your transformation?

Need help, or have a question?

We're available seven days a week to lend a hand. Share a little info below and we'll be in touch shortly.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.