Technically Speaking

The Official Bigstep Blog

 

Data Breaches are Now Commonplace: How Can You Keep Safe?

The year 2014 was dubbed 'the year of the data breach', but it looks like 2015 will meet or surpass it in the number, size, and severity of data breaches. Astoundingly, when the reasons behind the breaches come to light, the cause is almost always a failure to take cyber security seriously. What will it take for people to step up and take action? Here are the ways you can ensure your organization doesn't experience the same fate.

Be Aware of the Potential for Insider Threats

Sometimes, it isn’t the threat from outside your walls that can cause the most harm. Users with high-level systems access are your most dangerous threats.

The devil isn’t always on the outside looking to get in; sometimes he’s already in looking at all the harm he can do. Whether you hail Edward Snowden as a hero or curse him as a traitor, there is no denying that his case illustrates what a contractor or rogue employee can do. Be sure your security solutions address insider threats as well as outside intruders.

Review Privileged Users Often

Contractors, temp employees, third-party vendors ... there are a lot of folks gaining access to your systems on a regular basis. What about the contractor who has high-level access to your systems and shares his passwords with his workers and secretary and even his temp workers? Frequently review who has privileges and revoke access that isn’t necessary.

Require Strong Passwords & Frequent Password Changes

People hate long, hard-to-remember passwords. That’s too bad. Long passwords with a variety of upper and lower case letters, numbers, and special characters do not guarantee that nobody can steal or break a user’s password, but they do make it especially hard. Also, require that passwords be changed frequently so that if one does end up in the wrong hands, it doesn’t work for long.

Make Sure Your Team Understands How Your Security Tools Work

Unbelievably, a lot of businesses invest in security solutions that end up as shelfware. Once they’ve bought the product and realize what it would take to install it, keep it updated, and keep it monitored, they give up for lack of workers, time, and resources. Just as bad are businesses that set up security tools but fail to configure them properly because they don’t understand how to use the product. Get whatever help you need to ensure that your security tools are set up and working properly and that you have the right monitoring in place to detect and thwart intruders.

Take Application Vulnerabilities Seriously

Another all-too-common problem is launching applications with known security vulnerabilities. Whether the product is homegrown or built and managed by a third party, application vulnerabilities are serious problems. Insist that security vulnerabilities are addressed before installing and using the product.

Develop an Incident Response Plan & Make Sure It’s Practiced & Understood

Say a breach does occur. How quickly will your team be ready to act to get the intruder stopped and begin collecting valuable forensic evidence of the attack?

Antivirus software, firewalls, and other security tools do offer something of a perimeter barrier to intruders, but the most sophisticated attackers just aren’t stopped by these measures anymore. A robust security solution includes network, application, user, and system monitoring, and is backed by a thorough incident response plan. If the team doesn’t understand the plan, that’s as bad as not having one, because nobody will know what to do if an intruder is detected.

If data security is too much to handle in-house, the best option is to partner with a third-party data storage provider that is able to secure your data with the right tools and monitoring solutions. Learn more about Bigstep today.
