What the Panama Papers Can Teach Us About IT Security


April 18, 2016

Over the past weeks, the Panama Papers have been all over the news. These documents shed light on how billionaires and large corporations are able to hide assets and avoid taxes, but there’s another important point that many people tend to miss – they show exactly how important IT security is.

Computer Security

The information found in the Panama Papers is highly sensitive and was guarded closely by Mossack Fonseca, the law firm that owned it. However, their security wasn’t diligent enough to keep somebody outside the organization from obtaining and distributing it. While we don’t know exactly how the security breach occurred just yet, we do know that their security was lacking in several key areas.

As a small- or medium-sized business owner, this should terrify you. Reports estimate that over 11.5 million files consisting of about 2.6 terabytes of information were stolen without anybody noticing. Stealing the amount of information that your company stores would be trivial in comparison.

To alleviate your fears, we’re going to take the time below to discuss exactly how Mossak Fonseca failed to protect its valuable information, and what precautions you can make to avoid the same fate.

Client Portals

According to Wired UK, one of the biggest vulnerabilities of Mossak Fonseca was their client portal. It ran on an obsolete version of SSL, leaving it open to a variety of known attacks. Shockingly, the last time it was updated was back in 2013.

You need to take your customer’s privacy as seriously as possible. Any client-based portals must be updated regularly to protect from known and unknown threats. The longer it goes without an update, the more vulnerable it is.

Email Servers

Another important failure of Mossak Fonseca’s was an inability to secure their email servers. Their email servers were just as obsolete as their client portal, running a version of Outlook that hadn’t been updated since 2009. Worst of all, they failed to encrypt outgoing emails, which left every single email they sent vulnerable.

In order to make sure your email is safe, your email server needs to be professionally managed and updated the second patches come out. Outgoing mail must be properly encrypted and incoming mail needs to be scanned for threats.

Internal Employees

Due to the volume of information stolen, it’s unlikely that a single user was at fault. However, internal employees are still one of the biggest security risks at your company. If their passwords are easy to guess or left out in the open, a brute force attack is rudimentary, and any information they have is accessible to anybody who wants it.

To completely secure your organization, you need to make sure your employees are trained and capable of dealing with security issues. This means managing their passwords appropriately, being able to recognize phishing attempts, and handling sensitive information carefully.

If you want to avoid experiencing a disaster like the Panama Papers at your own business, you need to take the time to develop the right strategies and process. If you need help with that, your best bet is reaching out to your local Baltimore, Washington, DC And Across Maryland experts here at Integris. We have the experience necessary to help secure your website, client portals, emails, and employees.

To reach out to us today, all you need to do is email us at [email protected] or give us a quick call at (888) 330-8808.

We're Integris. We're always working to empower people through technology.

Keep reading

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

As a business owner, it's important to make the most of your resources. This includes finding cost-effective solutions for managing and maintaining your company's technology. Keeping a competitive edge in your industry requires secure, modern tech that allows your...

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

If you’re wondering where to find top IT services in Minneapolis, it’s important to identify providers that offer a wide range of support, have great service and provide solid tech expertise. Comprehensive technology insight is especially important when it comes to IT...

Webinar: Email Security that Doesn’t Suck…

Webinar: Email Security that Doesn’t Suck…

Trustifi and Security 7 present Email Security That Doesn’t Suck.  In today’s age of over-complicated security tools, it is extremely difficult to manage the fine balance between security and productivity.   {% video_player "embed_player" overrideable=False,...