Back in April 2019, a third party working on behalf of Facebook left two amazon servers unsecured.  Apparently, those servers stored 540 million Facebook user ID’s, account names and interaction data.

Thus, the lesson learned here is that if you have third parties working with company data, you should be asking them how they secure their systems and your data.

Good examples of these are if you outsource your payroll, HR or finance to a third party. 

Ask them for a clear overview of the security measures they have in place. 

For a complete list of questions you should ask your third-party suppliers, click here.

January saw the Singapore Ministry of Health confirm they had a breach of 14,200 patient records. 

While the number is nowhere near the size of other data breaches, what makes this a serious breach is the nature of the data.

An unknown hacker stole sensitive data that revealed people diagnosed with HIV. 

So, the lesson for us here is that if your company is holding sensitive data, you must take the necessary steps to secure it and have those steps documented.

April saw another data breach by the car manufacturer Toyota.  Toyota has not had much luck with their current IT systems as there have been multiple data breaches in Japan, Vietnam, Thailand and Australia.

Three million customers and employees were affected by this breach.

Therefore, the lesson here is to be aware of the types of data you have and where it might be stored.

An excellent example of this is you may have a central file server for operational data, but your employee data might be stored on a completely different system. 

Hence, it’s good practice to document the categories of data you store in your company, where this data is stored and the security measure you have in place.