In the Internet age, data is an increasingly valuable asset; data on all aspects of modern life is captured, stored and processed online. Data warehousing and machine learning techniques have enabled business organizations to use this data to learn customer habits and predict future growth. Due to surging recognition of the value of data, it is especially important for individuals, businesses and enterprises to push a security-first agenda, mitigate cybersecurity risks, and protect all business-critical or otherwise sensitive data.
Data breaches and security exploits are regularly reported in the media; the victims vary from small startup companies to world-renowned, global organizations. For organizations that suffer a data breach, there are a number of possible consequences ranging from reputational damage and financial damage to legal penalties, depending on the type of data breached and exploited.
But what can you do to thwart hackers and mitigate data breach risk? The scope of possible mitigation activities is vast, ranging from simple low-level changes that can be made at a personal level to organization-wide business strategy changes. Some of the simple rules and practices, when followed, can empower individuals and organizations entrusted with sensitive data to be in the best possible position to prevent exposure to cybersecurity risks.
Keep Software Up-to-Date
The first step is to ensure that all IT software and operating systems are patched with the latest security and operational patches from the vendors. Microsoft and other vendors release monthly updates which should be applied as soon as possible. These updates contain patches that resolve the latest known exploits and vulnerabilities.
A good example of such a vulnerability is the “WannaCry” ransomware attack of May 2017, which targeted a flaw in the SMB application-layer network protocol of the Windows operating system. Though the attack occurred in May, the vulnerability that WannaCry exploited had already been fixed by Microsoft in March 2017, two months prior to the worldwide outbreak. Many of the affected users simply had not patched their operating system in time, resulting in widespread disruption at significant cost to the victims.
Install Anti-Virus Protection Software
The next safeguard against cybersecurity risks is to ensure you have up-to-date anti-virus (AV) protection software. Most AV protection suites are updated almost daily with the latest fixes to security exploits, ensuring systems are as safe as possible against virus outbreaks. If a virus signature is detected, the AV software will simply intercept and quarantine the virus, preventing the virus from spreading onto other systems.
Back Up Critical Data
For organizations, there is a much greater scope of mitigation activities which must be completed to help mitigate cybersecurity risk and protect data. It is essential to have a proven system backup strategy. Such a strategy creates backup copies of your systems which you can roll back to in case of major incidents. Implementation of full system backups across the organization as part of a security-first strategy may involve significant costs; thus, it is always advisable to have buy-in from the senior leadership team of your organization.
Invest in Security Training for Employees
If your organization stores data or conducts operations online, it is highly recommended that employees of an organization regularly attend and complete security training initiatives. Continuous employee education arguably has the greatest impact in protecting data and securing information systems.
This training should typically include information about the latest security trends such as ransomware, phishing, spyware, rootkits, denial of service attacks and viruses. Educate your users on how to spot fake URLs and attachments with bogus macro-codes embedded within, as these can be used to harvest data from a compromised system. Education needs to span the entire company from the top down; thus, such education often involves significant investment in time and money, though the benefits and the enhancement in the level of security it provides are priceless.
Secure Your Infrastructure
There are also many technical solutions that can harden an organization against cybersecurity risks. Many are choosing to outsource their IT department to a managed service provider who will ultimately be responsible for managing and securing the entire IT infrastructure. Choose one who is audited for security and compliance of system data, and you will take a huge step forward to achieving a secure digital platform.
Whether you choose to outsource or keep your systems in-house, it is essential to monitor network traffic for suspicious activity. There are several intelligent platforms available that will monitor your infrastructure and alert you to anomalous activity, as well as generate trend analysis reports, monitor network traffic, report on system performance, and track and monitor system and user behavior.
The next step is to harden and secure web-facing servers and applications. Typically, an organization may have a server with an externally facing IP, exposed to the internet, within a DMZ. These servers have static IP addresses which are reachable from anywhere with an Internet connection. It is very important to ensure this public address range is frequently scanned for exploits and weaknesses.
Commonly, web and application servers use weak and outdated versions of SSL encryption, have expired certificates, or run web applications (such as Apache) which haven’t been updated since they were first deployed. Applications need to be tested and regularly monitored to ensure additional security, and it is important to have a trained support team that is instantly available to respond to problems.
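The certificate and protocol checks described above can be automated for hosts you operate. The following is an added example, not part of the original article; the policy thresholds, host names and sample scan rows are constructed assumptions.

```python
import socket
import ssl
from datetime import datetime, timezone

# Assumed policy: anything older than TLS 1.2 is outdated; renew 30 days ahead.
WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
RENEW_WITHIN_DAYS = 30

def audit(host, not_after, protocol, now):
    """Findings for one endpoint; not_after uses ssl.getpeercert() format."""
    findings = []
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    days_left = (expires - now).days
    if days_left < 0:
        findings.append(f"{host}: certificate expired {-days_left} days ago")
    elif days_left < RENEW_WITHIN_DAYS:
        findings.append(f"{host}: certificate expires in {days_left} days")
    if protocol in WEAK_PROTOCOLS:
        findings.append(f"{host}: negotiated outdated protocol {protocol}")
    return findings

def probe(host, port=443, timeout=5):
    """Live check of a host you operate. The default context refuses expired
    or untrusted certificates, so a failed handshake is itself a finding."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return audit(host, tls.getpeercert()["notAfter"],
                             tls.version(), datetime.now(timezone.utc))
    except ssl.SSLError as exc:
        return [f"{host}: TLS handshake failed ({exc})"]

# Constructed sample rows (host, certificate notAfter, negotiated protocol),
# standing in for the output of a scan of your public address range.
SAMPLE_SCAN = [
    ("www.example.test", "Mar 01 00:00:00 2024 GMT", "TLSv1.3"),
    ("legacy.example.test", "Jun 15 00:00:00 2024 GMT", "TLSv1"),
    ("api.example.test", "Jan 01 00:00:00 2025 GMT", "TLSv1.2"),
]

def audit_all(rows, now):
    """Run the offline audit over every row and flatten the findings."""
    return [f for host, not_after, proto in rows
            for f in audit(host, not_after, proto, now)]

if __name__ == "__main__":
    for line in audit_all(SAMPLE_SCAN, datetime(2024, 6, 1, tzinfo=timezone.utc)):
        print(line)
```

Run on a schedule, `probe` turns the "frequently scanned" advice into an alert before a certificate lapses rather than after.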
Frequent scans will also help organizations understand where sensitive data is stored. Store sensitive or personal data in a proven storage solution – a system that is up-to-date and ideally encrypted. Measures need to be taken to restrict access to the data, but ultimately it is the organization’s responsibility to know where their sensitive data resides. If it is cloud-based, is it secure? Do the right people have permission to access the data? It is always recommended to base your security model on the “principle of least privilege.”
Implement Multi-Factor Authentication
Multi-factor authentication (MFA) or two-factor authentication (2FA) is another strong tool that can be utilized to help mitigate cybersecurity risks. 2FA is a security practice wherein access is granted to a user upon provision of something only they know (usually a password) with a security item they have. This item is usually a physical device provided by an organization or 3rd parties, such as a mobile phone, a PKI security card, or an RSA Secure Token. 2FA acts as a significantly strong access point to a company’s computer network, server infrastructure, or file servers. MFA is similar but adds one or more additional requirements in order for a user to gain access: something unique to the person, typically a biometric signature such as a fingerprint, retina scan, or something else.
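To make the "something they know plus something they have" check concrete, here is an added example that is not part of the original article. It assumes the possession factor is a time-based one-time code (TOTP, RFC 6238) generated on the user's phone; the article itself does not name an algorithm, and the function names and parameters are illustrative.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) for one counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """Time-based code (RFC 6238): HOTP over the current 30-second window."""
    return hotp(secret, int(now) // step, digits)

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, slow password hash; the iteration count is an assumed setting."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def verify_login(stored_hash, salt, password, secret, code, now, window=1):
    """Grant access only if BOTH factors check out.

    Factor 1 (knows): password matches the stored salted hash.
    Factor 2 (has): code matches the device secret for the current time
    step, allowing +/- `window` steps for clock drift.
    """
    knows = hmac.compare_digest(stored_hash, hash_password(password, salt))
    has = any(
        hmac.compare_digest(totp(secret, now + drift * 30).encode(),
                            code.encode())
        for drift in range(-window, window + 1)
    )
    return knows and has

if __name__ == "__main__":
    # Constructed demo values; the secret is the RFC 6238 test key.
    secret, salt = b"12345678901234567890", b"constructed-salt"
    stored = hash_password("correct horse", salt)
    print(verify_login(stored, salt, "correct horse", secret,
                       totp(secret, 59), now=59))
```

A stolen password alone fails the second check, and a captured code stops verifying once it falls outside the drift window.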
Identify Threats, Make a Plan, and Learn from Mistakes
Many of these steps will help you to identify and discover vulnerable technology assets, and as you proceed through the implementation of your security strategy, ensure that everything is documented and that the documentation is regularly updated. Insider threat detection can be used to identify possible internal threats. Make sure to identify external threats as well. It is important to make a plan of how to prepare for the worst-case scenario, such as a data breach of confidential information. Consider: How would you respond to the incident? What tactics would you employ to identify and tackle the problem? And above all else, work out a strategy to learn from any mistakes made.