Karuna Pande Joshi says data leaks from insiders are increasingly hard to prevent

The leak of confidential financial documents from a Panamanian law firm, known as the “Panama Papers,” has raised major questions about how wealth moves across international borders. For governments and companies that manage sensitive information, it’s also raised questions about the possibilities and limitations of safeguards designed to protect data. Karuna Pande Joshi, research assistant professor of computer science and electrical engineering, explains through a new op-ed in The Conversation how data breaches occur, how to avoid them, and how they are, at some point, unavoidable.

Joshi describes how companies often devote resources to protect data from external hackers and cyber attacks, but that internal threats raise different challenges. “Organizations spend significant resources to firewall their data against attacks by external hackers and cybercriminals,” Joshi says. “However, they have to often face the dichotomy of effectively preventing leaks of data by the very employees who need to use it for their daily work.”

One common issue that companies need to deal with is the use of smartphones in the workplace, and the increasing capacity of smartphones, Joshi says. Some employers allow employees to access confidential data with their smartphones and store it on the device for easier access in the future.

Companies can configure computers in ways that prevent people from printing, moving, or copying documents, Joshi says, but doing so can have the negative impact of restricting employee access to documents and data in ways that make it difficult for them to accomplish their duties. “In today’s world, where employees often collaborate on documents and use shared data sets to complete their work, it is impossible to prevent an insider attack,” notes Joshi.

Read the full article, “Panama Papers: how do leakers leak?,” in The Conversation.

Image: Karuna Pande Joshi. Phoyo by Marlayna Demond ’11 for UMBC.