ema il ema il ema il ema il Achilles Heel of Email Think Stock www.cloudnician .com by James O. Grundvig
Achilles Heel of Email
Think Stock
www.cloudnician.com by
James O. Grundvig
EVOLUTION OFEMAIL
2
Route 80 ProjectNorth Jersey
NJ-DOT HQTrenton, NJ
12 kb file(Cover Sheet)
1 9 9 2Email Replaces Fax One Page at a Time
20 Minutes – 60 Miles
Think Stock Think Stock
3
10 million email accounts 16 million Internet users 25,000 websites Dial-up Internet Service
THE BIG BANGINTERNET
1 9 9 5Netscape’s Web Browser Opens the Internet
Think Stock
4TIMELINE
TSUNAMI OF SPAM EMAIL
SPAM
E V E NT
2004 2009 2013
Spam costsfirms $130
billion5
Spammers arrested
DropBox Users complain of Spam
1995
10m email
3.6 B email
Email Accounts
Think Stock
5
SOCIAL ENGINEERINGOF EMAIL
2 0 1 2Hackers Exploit People
Your friends can be used against you
Think Stock
People are the weak link Data Trolls your online life 29% of cyber attacks are conducted via email
DE-EVOLUTION OFEMAIL
6
Think Stock Think Stock Think Stock
BRIGHT IDEAOF EMAIL…
1 to Many Communication
Send Attached Files
Become more productive but. . .
7Think Stock
8
15 hrs week
$28,000/yrLost time
918 million corporate email accounts 105 emails sent per user
INEFFICIENCYOF EMAIL
300 million emails sent each day are “poison darts” 37% users don’t reply to email Email wasn’t designed to be collaborative
9
DATA BREACH COSTSTELECOM GIANT
“High-tech spies managed to infiltrate Telenor’s extensive security network and empty the contents of the top executives’ personal computers.” – Afterposten 3-17-13.
Telenor
$18B
31K20
monitor traffic 1open
zip file
Rev.
Employ.
The Hack
10
MORE DATA BREACHESBY EMAIL
2012 Attacks
- 68.2% done by hackers
- 267 million records exposed
- 1 email exposed S. Carolina’s 3.8 million tax returns
- Evernote didn’t follow own training: employee opened “reset” password email (4-19-13)
11Think Stock
HEALTHCAREEXPOSURE TO EMAIL H
12
BOSTON MARATHONBOMBING
Wounded Suspect brought to Beth Israel Deaconess MC…
HallsEmpty
Police Lockdown Hospital
What if a Terrorist launched aCyber Attack on the IT Systems?
H
Think Stock
13
Patient Privacy& Data Security H
$2.4 million (2-year) avg. cost to organization in PHI 45% claim >5 breaches (up from 29% in 2010) 2,769 stolen records/breach
75% don’t secure medical devices contain patient data
94% have leaked data
14
WHICH PATIENT DATABREACH IS WORSE? H
Class-Action lawsuit Glen Falls Hospital NY
Class-Action lawsuit 22 Florida Hospitals
Wyoming Doctor’s personal email exposes 2,900 patient records Oregon H&SU hacked twice in same year
2 Breaches, 2 States, 2 Hospitals, Same Day – Utah & Mississippi
15
CAN WE SECURE DATA?
Patie
ntDa
ta
ePhish trainingwon’t work
Think Stock
16
SEPARATION OFEMAIL & STATE
EMAILSERVER
Off-PremiseCloud
Corporate IT Network(on-premise)
External Communication
FIREWALL
Few Employees have email
Is this the New Paradigm?
17
NEW CHALLENGEOF BYOD
Off-PremiseCloud
DB1
DB3
DB2
- Remote locations- Multiple devices- How do we Secure?
Think Stock