Data Breaches have been all over the news lately, but what exactly is meant by the term “Data Breach”? There are three different types of data breaches—physical, electronic, and skimming.
They all share the same amount of risk and consequences but are unique in execution. It is important to know the differences in the types of data breaches because they require actions such as document shredding or electronic media destruction services so that data remains secure.
Three Types of Data Breaches
A physical breach involves the physical theft of documents or equipment containing cardholder account data such as cardholder receipts, files, PCs, and POS systems. It can also be referred to as corporate espionage, and items at risk include:
- Laptop and Desktop Computers
- External hard drives
- Any other technologies that may contain cardholder data such as Point-of-Sale Equipment (Standalone Dial-Up Terminals)
- Any other physical asset that may contain cardholder data, including hard-copy bills, faxes, credit card receipts, or blank checks
Preventing this type of attack can be done with security and access control measures. Always remember to destroy devices once they are no longer in use. Forgotten hard drives and old computers that pile up in a storage closet are ripe for physical breaches, and oftentimes no one even notices when they are stolen.
An electronic breach is an unauthorized access or deliberate attack on a system or network environment where cardholder data is processed, stored, or transmitted.
This can be the result of acquiring access via web servers or websites to a system’s vulnerabilities through application-level attacks.
For example, data breaches often affect the healthcare industry because gaining access to these networks exposes a wealth of private patient billing information.
What’s the best way to protect your organization? Many experts agree that it’s critical for businesses using electronic media to encrypt their information, making it difficult to decipher in the case that someone gains unauthorized access.
Encryption works for files on active machines, but it’s important to adopt the use of hard drive shredding and electronic media destruction prior to disposing of electronic devices too. Encryptions can be hacked, a shredded hard drive can’t expose anything.
Skimming involves the capture and recording of magnetic stripe data on the back of credit cards. This process uses an external device that is sometimes installed on a merchant’s POS without their knowledge.
Skimming can also involve a dishonest employee utilizing an external device to collect the card’s magnetic stripe data. These identity thieves collect data and use it to create counterfeit credit and debit cards.
Here a few guidelines for minimizing the potential for skimming:
- Closely monitor the handling of cards when employees have frequent physical possession of credit cards out of view of the cardholder.
- Closely monitor activity on Point-of-Sale terminals and PIN-pad devices.
- Regularly check equipment for attached skimming devices or evidence of tampering.
- Ensure you are not using a known vulnerable Point-of-Sale terminal or PIN-pad device by contacting your credit card processing service provider.
- Petroleum businesses should have procedures to monitor activity at outdoor Point-of-Sale pumps. This must include opening devices regularly to check for tampering or installed skimming devices.
Get Free Quotes on Shredding Services and Protect Yourself from Data Breaches
Whether it’s a dumpster-diving identity thief searching for your discarded medical bills or a hacker targeting your company’s network to steal customer information, it’s imperative that you take the steps to shred your paper documents and electronic media to protect yourself from falling victim to a data breach.
That’s why at Shred Nations, we partner with a nationwide network of the top paper and electronic media destruction companies. Able to provide the secure shredding services that your sensitive documents require, you can rest assured knowing that with Shred Nations, your information won’t be falling into the wrong hands.
To start protecting both yourself and your business from a data breach, give us a call at (800) 747-3365, select our online chat, or fill out the form to your right to get free quotes on any of our document destruction services. Within minutes, we’ll contact you with a list of local contractors who can help you to securely protect your information from the threat of a data breach.