Author: Philip Lieberman / Source: Identity Week
It’s been two years since the massive data breach at the US Office of Personnel Management (OPM) was revealed. Allegedly perpetrated by Chinese hackers, the breach resulted in the theft of highly sensitive personally identifying information from federal employees. Some estimates of the number of records stolen during the breach are as high as 21.5 million.
The ramifications of such an enormous data breach are likely still being felt. But, two years removed from the announcement of the attack, we can now take a look at the lessons we learned from the OPM data breach.
Nine Takeaways From the Largest Data Breach in US Government History
- The convenience of interconnected systems can lead to catastrophic outcomes. The return of air gaps and segmentation of traffic are essentials to security.
- Unmonitored sensitive systems lead to unlimited losses. Instrument sensitive systems and make people accountable for their security.
- Some systems and identities are more sensitive than others. Proper classification, controlled access and the removal of persistent access when not needed is essential to security. Implementation of privileged identity management systems and processes provide secure and controlled access to sensitive systems.
- Adding a minor amount…
Click here to read more
