UMD Data Breach

Preventing data breaches is more important to your business than ever before. Headlines on a nearly daily basis include an alarming number of information leakage incidents. On March 15, 2014, the University of Maryland learned of a cyber-intrusion into its network. This was the second intrusion of the year. Working together, the University’s police and IT department, FBI, and U.S. Secret Service successfully stopped the intrusion.  The FBI was later able to inform the University that there was no public release of any data except for the social security and phone number of the University’s president, Wallace D. Loh. David Helkowski, a former contract worker for the University of Maryland said “he hacked into scores of data­bases in the school’s computer system and posted the university president’s “private information” online to draw attention to security problems.” Helkowski told the Baltimore Sun that he saw flaws in the university’s system even before the February breach. He brought up his concerns but his supervisors did not act upon his comments. He grew frustrated that his comments weren’t being taken seriously. David said, “I had to do it, because if I did not do that, they wouldn’t have acknowledged the seriousness of the problem.”
        In the news we see more and more companies getting attacked by hackers, yet do other companies do anything about their security? I do not think that many companies really understand the seriousness of cyber security and the measures that need to be implemented in order to make sure their data is protected. In the University of Maryland case, they received a warning from Mr. Helkowski but did not do anything to check their databases and security. When companies receive threats, they should always check to see everything is running smoothly and that there are no flaws in the system. Even the smallest flaw can cause a breach.  Because University of Maryland has such a large database with sensitive data they should’ve addressed Mr. Helkowski’s comments right away.
        McAfee offers several cyber security tips for companies and even universities like the University of Maryland: They believe companies should train all of their employees to use strong passwords that involve letters and characters. Companies should teach employees to and to avoid dangerous links and emails. Employees should also know where the confidential data is stored. Companies that distribute devices to employees should keep track of all the devices to prevent potential data breaches. By protecting their website, companies can reassure customers by using trust marks on their website and utilizing strong anti-virus software. They also suggest that every company have clear cyber security policies. Companies should write a concise policy that specifies device use and if no longer employed, how to dispose of secure information. Also, by screening their employees prior to hiring them, companies put themselves at less risk.
       Finally, Companies can do everything possible to try and protect their data but unfortunately in today’s technology enriched world, there will never be a theft/fraud free measure.

http://www.washingtonpost.com/local/crime/former-contractor-calls-himself-whistleblower-in-exposing-security-problems-at-u-md/2014/04/10/7312699e-c0b3-11e3-b195-dd0c1174052c_story.html

 ^ main article

http://www.businessnewsdaily.com/4714-prevent-small-business-data-breach.html