Data Leakage And Prevention Using Python

MSc(Software Systems)
Any unauthorised transmission of data from an organisation to an external organisation or client is considered data leakage. Data leakage mostly happens via the Web or email. The following are common causes of data leakage:

When data is shared unintentionally by entering a wrong mail ID

When an employee shares information with competitor organisations for benefits

When hackers try to seize private data by capturing data transmitted to the intended recipients

Another, more intentional type of data leakage happens through phishing attacks or malware. When you click a link or visit a Web site that contains malicious code, data gets stolen from the computer. Given the Covid-19 outbreak, all organisations have asked their employees to work from home. Data vulnerability increases when an employee working at home visits Web sites or clicks links that contain malicious code.

Data leakage is a very serious and present threat to organisations. Recently, the media reported that hackers had stolen a large multinational company’s data. This caused the company’s clients to threaten to withdraw their projects, leading to the tarnishing of the company’s good name, loss of credibility and loss of potential clients.

Many IT organisations deal with sensitive data such as the insurance, banking and medical records of millions of clients. Many organisations also deal with the defence and military records of governments. All of this data is very sensitive and needs to be kept secure.

Data leakage prevention is a strategy that prevents accidental or intentional data loss during transmission. It involves security rules, policies and a combination of tools relating to data security.

A data leakage prevention strategy is developed here using a scenario: the company’s server is run by its data manager, and the company shares its customers’ data with its clients, who are trusted third-party developers. The strategy is to prevent both intentional and unintentional data leakage.

The system developed has four layers of data protection and data security, which are described below.

1. Password for logging in:

A client that wants to connect to the server must enter the correct password. The password will be changed on a continuous basis by the admin who maintains the server. This is the first layer of security.

2. Trusted Clients:

After the client enters the correct password, the connection will not be established until the client is verified as a trusted client (i.e., the client must already be a verified client; if it is a new client, the connection will not be established until the admin verifies it).

3. Encryption:

All of the data is encrypted on the server side using a module called Fernet. The data is then sent using the TCP protocol. So, even if a person is able to hack in and get the data during transmission, the person may not be able to decrypt it, because all of the data was encrypted on the server side; basically, the hacker would be reading gibberish.

4. Data as Chunks:

In the worst case, even if the hacker were able to decrypt the message, the data won’t be sent as a whole; it will be sent as chunks of data.

The whole package was built using the Python programming language.
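
Layers 3 and 4 can be combined as in the sketch below. This is an added example, not the code of the system described in this article; it assumes the third-party `cryptography` package, and the chunk size, frame layout, function names and sample record are illustrative. It goes slightly beyond the text by numbering each chunk inside the encrypted payload, so the receiver can detect altered, reordered or missing chunks.

```python
import socket
import struct
from cryptography.fernet import Fernet

CHUNK_SIZE = 1024  # assumed plaintext bytes per chunk; the article gives no size

def encrypt_chunks(key, data, size=CHUNK_SIZE):
    """One Fernet token per chunk; each plaintext carries its index and a last flag."""
    f = Fernet(key)
    parts = [data[i:i + size] for i in range(0, len(data), size)] or [b""]
    return [f.encrypt(struct.pack("!IB", n, int(n == len(parts) - 1)) + p)
            for n, p in enumerate(parts)]

def decrypt_chunks(key, tokens):
    """Rebuild the data; reject altered, reordered, extra or missing chunks."""
    f, out, last = Fernet(key), bytearray(), 0
    for expected, token in enumerate(tokens):
        plain = f.decrypt(token)  # raises InvalidToken if modified or wrong key
        n, last = struct.unpack("!IB", plain[:5])
        if n != expected or (last and expected != len(tokens) - 1):
            raise ValueError("chunk out of sequence")
        out += plain[5:]
    if not last:
        raise ValueError("transfer truncated: final chunk missing")
    return bytes(out)

def send_frames(sock, tokens):
    """TCP is a byte stream, so each token goes out behind a 4-byte length prefix."""
    for token in tokens:
        sock.sendall(struct.pack("!I", len(token)) + token)
    sock.shutdown(socket.SHUT_WR)  # signals end of transfer to the reader

def recv_frames(sock):
    """Read length-prefixed tokens until the sender closes its side."""
    tokens = []
    with sock.makefile("rb") as stream:
        while header := stream.read(4):
            (length,) = struct.unpack("!I", header)
            tokens.append(stream.read(length))
    return tokens

def demo():
    key = Fernet.generate_key()  # must reach the trusted client out of band
    record = b"constructed sample customer record;" * 100
    server, client = socket.socketpair()  # stands in for the TCP connection
    with server, client:
        send_frames(server, encrypt_chunks(key, record))
        return decrypt_chunks(key, recv_frames(client)) == record
```

Fernet authenticates each token, so a modified chunk fails decryption outright, while the index and last-chunk flag inside the plaintext cover what per-chunk encryption alone does not: order and completeness.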
