User profile and web data management specialist Avanite has today warned that data stored in internet caches pose a significant security risk to businesses.
Speaking following a recent event held in the USA attended by leading IT specialists, Avanite CEO Francesco Giarletta warned that organizations need to urgently address the potential security issues that simple web browsing data can cause. Giarletta says that most businesses are not aware of the risks posed by this unsecured internet browsing data, which could be used by a hacker to build a profile of the business by looking at the sites browsed, who they talk to and the systems they use, such as accounting software.
“Webcache databases store huge amounts of data about how individuals use the internet,” commented Francesco Giarletta, “This data goes far beyond the websites you visit and can include information such as usernames, passwords, and account numbers. All this data is recorded in plain text and available to any hacker or cyber-criminal.
“Additionally many websites prompt the user to remember login credentials, which, when opted for, stores an authentication cookie on the machine,” continued Giarletta. “There have been multiple reports of cookie hijacking where these authentication cookies have been stolen or copied enabling a cyber-criminal to log into a site as you without supplying any credentials. With businesses increasingly using cloud based services, this means that user logins for everything from the CRM through to accounting systems are at risk of compromise.”
Giarletta believes that while the introduction of GDPR will force businesses to take measures to protect this data many simply aren’t aware of its presence within their systems, adding: “Web data is a very real problem but it is only just coming to light. GDPR should provide a framework to help ensure it is secured, but if organisations don’t know it exists in the first place they won’t be taking proactive steps to put in place appropriate protection measures.”
" Web data is a very real problem but it is only just coming to light. GDPR should provide a framework to help ensure it is secured"
In addition to businesses, Giarletta warned that in light of the Cambridge Analytica scandal, individuals also need to be made aware of the data that their web cache is retaining, the security risk it poses, and how it could be used by businesses to build individual profiles of them.
To address these challenges Avanite has developed a free analysis tool that enables organisations to see the data generated by simple web browsing and using web based applications. By using the free downloadable tool organizations can see what data is present on PCs and servers, and the savings in disk space and storage that can be realized by addressing the issue. The tool supports all common Windows browsers and displays the number of known advertising and tracking cookies found on the system.
Having used the WebData Data Analysis tool to gain visibility of the web browser data that resides in the network and the issues it is creating organisations can use Avanite’s WebData Control solution to remove unnecessary data. WebData Control is the only solution that reduces the size of users’ web browser databases, and gives administrators full control over users’ browsing data to ensure that only required information is kept. The Avanite solution can reduce the size of WebCache files by 80 to 90%, and the number of cookies in a typical WebCache from typically 5,000 or more to a few hundred.
Avanite is offering a free one month license of WebData Control to allow businesses to clean their systems as part of their obligations under GDPR. To access the free trial visit www.avanite.com
DISCLAIMER: The statements, opinions, views and advice expressed in this article are those of the author/organisation and not of ENTIRELY. This article should represent information correct at the time of publication however whilst every care has been taken to present up-to-date and accurate information, we cannot guarantee that inaccuracies will not occur. ENTIRELY will not be held responsible for any claim, loss, damage or inconvenience caused as a result of any information within this article or any information accessed through this site. The content of any organisations websites which you link to from ENTIRELY are entirely out of the control of ENTIRELY, and you proceed at your own risk. These links are provided purely for your convenience and do not imply any endorsement of or association with any products, services, content, information or materials offered by or accessible to you at the organisations site.