Anyone who says you can’t predict the future has never had access to a nice, big dataset. Every year, researchers sort through millions of data points to see what’s in the cards for the new year. The Forrester Research Data Security And Privacy Playbook has a number of stunning predictions for 2016, from increased privacy protections to hacked medical devices.
Where We Are Now — And Where We’re Going
2015 had a number of major upheavals in privacy and security. Massive breaches hit a huge range of organizations across America, from government, to healthcare to prison phone systems. Hundreds of millions of consumers were affected, leaving people feeling less secure about their data than ever before.
There was also major public policy turmoil. Intelligence and law enforcement organizations fought for backdoors in encryption, while the private sector made it more accessible than ever before. Major data privacy laws were overturned, and new ones were drafted.
Out of all the chaos came real hope for better privacy in 2016. The collapse of the Safe Harbor agreement created a lot of uncertainty for American companies, but it will ultimately lead to new, stronger data protection laws. The Office of Personnel Management (OPM) breach compromised millions of government employee records, but it also made people wake up to the danger of outdated security measures — and how important encryption is to data security. In fact, encryption isn’t just a topic for big government agencies or big corporations anymore: 2015 showed the world that encryption is something that everyone needs.
If you want to ensure that you’re keeping up, here’s what you need to know about encryption — and how file sharing encryption can protect you from the biggest security risks of 2016:
1. Hacking Will Continue to Be a Threat.
Government and private industry learned a lot of hard lessons about security in 2015, but that doesn’t mean they’re safe. Forrester Research predicts another major U.S. government breach in 2016, and there’s no reason to think private industry will do any better.
One factor Forrester blames is an outdated, perimeter-centric approach to security. In this old model, users are expected to verify their identity to gain access to a tool or network, but once they’re in, they’re assumed to be who they say they are. That means that if a hacker gains access, they can wreak havoc on any data inside.
Forrester coined the term “Zero Trust” to describe how to combat this threat. Zero Trust means no user is assumed to be safe just because they got past the gate; anytime they try to access information, they have to be verified to make sure they’re not a threat.
Unfortunately, apps like Dropbox and even operating systems like Windows 10 are built with automatic cloud functionality based around the old model. Rather than saving files to a device, these programs automatically sync with the cloud whenever they have Internet access.
In one sense, this is a good thing; you can access your documents, personalized settings, music libraries and other information from anywhere, making it easy to work on multiple devices and reducing the risk of losing everything in a crash.
On the other hand, these tools make hacking and ransomware a bigger threat. Cloud devices will automatically share confidential data on unsecured connections, potentially allowing hackers to record your login credentials and steal, alter or ransom your files. On top of that, software like Windows 10 automatically shares a great deal of data with the provider, eroding your privacy and potentially undermining data compliance as well.
Encrypted file sharing is an important part of a Zero Trust approach, since it provides data-centric encryption of individual files. Even if a hacker were to compromise your cloud storage, an encryption program like Virtru would make it nearly impossible for them to read your data; they simply wouldn’t be able to decipher your personal data without the encryption key.
Encrypted file sharing needs to be backed up by common sense, as well as online and email security best practices. You need to carefully choose and research what apps you adopt, use strong passwords, clear your browser cache and make backup copies of files in case hackers a hacker attempts to sabotage or ransom them. It may not always be possible to keep a determined hacker out, but you can reduce the risks and limit the data they can compromise.
2. Healthcare Security Will Face New Risks.
2015 saw some of the biggest healthcare breaches of all time. The Anthem breach alone compromised around 80 million personal records, and the total for the year was over 193 million. Not only do healthcare records contain information like names, addresses and Social Security numbers that can be used to steal your identity, they also contain your personal medical history. Because of the value of these records — they can sell for $50 each on the black market — attacks on healthcare security aren’t likely to stop any time soon.
However, as medical technology continues to advance, Forrester predicts an even more alarming target: health devices. Medical companies are moving toward portable devices that use the Internet of Things to provide better healthcare — for example, wearable devices to monitor vital signs or deliver medicine. Doctors are able to wirelessly collect data from these devices and add it to medical records to create better treatment programs. If hackers are able to break the security of medical devices in 2016 as Forrester predicts, they could ransom the devices, depriving the user of needed medical care until they pay the fee, or even simply sabotage them, potentially putting lives in danger. If hackers attacked the system used to store and analyze data in the hospital, they could steal or ransom the data of every patient.
Currently, medical organizations focus on HIPAA compliance, and many use encryption selectively, to protect data deemed sensitive. That needs to change; the industry needs to utilize encrypted file sharing for everything, from routine medical reports to firmware updates sent to medical devices and patient health data sent back to the hospital.
Consumers also need to take a more active role in promoting good security in the medical industry. They need to demand their healthcare providers use encrypted file sharing and other security measure, both for sharing and processing medical information and for securing health data generated in medical devices.
3. New Privacy Laws Will Protect Consumers — Eventually.
The value of consumer information has turned online privacy into a battleground. Companies can market products more effectively by collecting data about customers’ online habits, but consumers are increasingly unhappy about organizations collecting, using and selling their data.
Forrester predicts that 2016 is the year when consumers will start to win the battle. Although privacy regulations aren’t being strengthened everywhere, privacy laws affect how everyone has to do business on the Internet. California privacy rules will create a high standard in America, while the EU is slated to move toward standardizing privacy rules across Europe with the General Data Protection Regulation (GDPR).
The global nature of the Internet makes it almost impossible for most companies to create one set of data privacy practices for California, another for the EU and so on. Instead, they’ll have to align their internal practices with whoever has the strictest privacy protections. That means even regions, states or countries that don’t have strong privacy laws will benefit from those that do.
Unfortunately, it will take a while for industry to catch up, making it hard for consumers to account for how well their privacy is being protected in the interim. Forrester anticipates the issue will only be resolved with massive fines, forcing businesses to give up attempts to skirt new regulations. Until then, companies will continue to track what you upload and download, where you go online and what information you share. Encrypted file sharing can help consumers keep their data safe while the legal landscape catches up, and help businesses prepare for new regulations.
4. Blocking Ads Doesn’t Block Tracking.
- Sites you visit
- Site preferences and activities
- Files you create or upload
- Data you enter in browser windows
They then use this information to show you targeted ads, selected to appeal to the things they think you’re interested in.
Sick of ads slowing down their browsing, consumers are increasingly using ad-blocking software to browse without the pop-ups. 26 percent of laptops and desktops now have ad blockers installed, and companies like Apple are pushing their adoption on tablets and phones.
Unfortunately, although ad-blocking software can stop your browser from loading ads, it doesn’t prevent companies from following you online. Clearing your browser cache regularly and installing anti-malware programs can decrease the risks, but they can’t eliminate them entirely. You need to assume you’re being watched, and take action to protect your most sensitive files. Encrypted file sharing makes it far less likely that organizations will be able to scan your documents for information about you, substantially decreasing the risks of tracking.
Ensure Your 2016 is Locked Down with Encrypted File Sharing
In 2016, we face bigger privacy threats than ever before, but we also have the opportunity to create a more secure world — if we all play our cards right. Whether you’re looking for a way to secure email attachments, or need a a data-centric G Suite (formerly known as Google Apps) encryption solution, Virtru provides the most secure encrypted file sharing. Contact us to learn how Virtru can help keep you safe in 2016 and beyond.