Skip to main content

Sage Is Latest Company To Report Internal Data Breach

By September 5, 2016May 25th, 2021Blog, Cybersecurity

SageXIsXLatestXCompanyXToXReportXInternalXDataXBreachSage, LLC, a British company providing business software solutions for clients around the world, was the latest victim of a data breach. This one, however, came from inside the company itself. This is an increasingly common problem, though not as widely reported as the high profile data breaches from hackers outside the company’s firewall.

One of the types of software Sage deals in is payroll software, and the company keeps the payroll data of their corporate clients on their servers. Recently, a 32-year-old woman was arrested for fraud, when evidence surfaced that she had inappropriately accessed the payroll data of upwards of three hundred of Sage’s corporate clients. What she ultimately intended to do with the data is unclear, but the potentially impacted clients have been notified.

This is a grim reality faced by companies all over the world. What makes these kinds of breaches so damaging is that since the employees have network access, and often significant levels of access, they’re in a prime position to do incredible damage, and possibly make off with large amounts of sensitive corporate data. Worse, it doesn’t matter how much you’ve spent on digital security, very few of the tools you put in place will protect against this kind of attack.

Ultimately, the best defense against internal threats comes from three things:

A robust audit system, that allows for fine-grained tracking of who access what data, when, and for what purpose.

A thorough vetting of all employees, and proper ongoing training to be sure that all employees understand the ramifications of mishandling the data they are entrusted with.

A periodic review of all access rights, designed both to ensure that no one individual has unfettered access to everything (stop-loss control), and to ensure that employees only have access to the data they need to perform their job functions.

If you have any concerns about your company’s security policies or protection, contact us today so one of our skilled technicians can help.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.