When you focus too much on specific attacks rather than considering the totality of your individual or organization’s data protection, privacy, network security, and process requirements, this can lead to an avalanche of unexpected vulnerabilities. When the Jerusalem Post reported that Risk Based Security, came up with a compilation that amounted to 2,308 publicly disclosed data compromise events which exposed approximately 2.6 billion confidential records in the first six months of 2018 alone, it was almost to the utter disbelief of everybody but just a few days ago and precisely on November 22, 2019, the world experienced a thunderbolt by the news that a whopping four billion records on 1.2 billion people have been exposed.
The incident was completely unexpected and the worse, nobody had a contingency or incident response plan to fall to for exposure of such magnitude. This is an exposure that affected the lives and privacies of 15.6% of the total World population, where their personal data, including email addresses, employers, locations, job titles, names, phone numbers, and social media profiles were left in an unsecured database.
The most unfortunate aspect of this exposure is that none of the companies that are mentioned to be likely culpable has owned up for such a catastrophe, instead, they are playing the blame game. The question is how can this have happened? And the most obvious answer is they didn’t plan for the unexpected.
What should have been done to protect these people’s privacy?
1. The blockchain technology
Actually, the blockchain technology came up as a revolution to facilitate cryptocurrencies but has found a lot of usefulness in other areas of life. Joel S. Telpner, a partner at ZAG/Sullivan, explains that blockchain technology is an extremely secure method of transmitting data using a cluster of computers.
The features of the blockchain which include using cryptography, each block containing a cryptographic hash of the previous block, decentralization, a timestamp, and transaction data (generally represented as a Merkle tree), ensure that once your data is recorded in any given block, alteration can only occur only if subsequent blocks are altered and this requires the consensus of the network majority which is at least 51% that so far is deemed practically impossible.
Since your data will be stored across the blockchain peer-to-peer network, it completely eliminates a number of risks that arise as a result of data been held in a centralized system. Due to its decentralization, the workings may be based on the use of ad-hoc message passing and distributed networking.
Peer-to-peer blockchain networks enhance the privacy and protection of your data because there are no centralized points of vulnerability that cybercriminals can capitalize on for exploitation. Also, there is the absence of a central point of failure.
One other feature of the blockchain that confers security on the usage is the public-key cryptography This is actually a long, random-looking string of numbers that serve as an address on the blockchain.
To interact with the different capabilities that blockchains support or access your digital assets you must have a private key which is more like your password. All these benefits are the reasons your data that is stored on the blockchain is overwhelmingly considered incorruptible and also a means of preparing for the unexpected.
Another thing the blockchain has going for it that ensures your data is securely protected and can’t be deciphered even if as the case is, it’s an open system is its end-to-end encryption of your data.
2. The VPN technology
Given that some companies may consider the acquisition of the blockchain to be a financial constraint, there is always the option of the virtual private network (VPN). Fortunately for you, there are both paid and free VPNs so you don’t have any reason for not securing your data as was the case of the exposure.
Before subscribing to the services of any VPN, you must carry out very thorough research because many VPNs recommended on large, trusted websites suffer from data leaks, broken features, and critical flaws.
These problems not only render the VPN useless, but they also expose your identity, location, and data to third parties and with that you attempt at securing your data, enhancing your privacy, and protection is roundly defeated. Be as it may, there are quite a good number of trustworthy service providers in the market and you just need to get through to unbiased VPNs analyst like Restore Privacy.
Whatever type of VPN you want to use the technology should be based on connecting your device to the endpoint or your destination through a certain VPN protocol to encrypt and mask your data. The VPN could be any of remote access, intranet-based site-to-site, and extranet-based site-to-site.
If the server that exposed those records had been connected to a VPN, you wouldn’t have had such an ugly mess because the private network connection is established using an encrypted layered tunneling protocol, and anybody that wants to access your data must use authentication methods, including passwords or certificates, to gain access to you data protected by the VPN.
If for any reason a die-hard hacker has to through all the security measures you have put in place and is still able to access your data, then you must resort to incident response to mitigate any harm that can come in the way of your data and also ensure that your privacy is not threatened. While it may be impossible for you to prepare for every potential unexpectedness, instead of your being scenario-specific, you should approach privacy planning by looking at the business itself and what could go wrong.
If you have these plans in place you are ensuring you have the ability to withstand unexpectedness and maintain operability for a longer time. It’s true that you may be spending money on something that may never happen and look at the whole situation as wasteful, but is not better for you to have something that you don’t need than to need something that you don’t have?