Data hacks, also known as data breaches, are becoming increasingly common and more severe. Some of the world’s biggest companies have fallen victim to hacks in recent years. With GDPR fast approaching, it’s more important than ever that companies protect and secure the data they hold. Some data breaches have attracted global media attention, with the number of people affected reaching millions. Some of the biggest data breaches witnessed in the 21st century have hit Adobe, Equifax, Uber, eBay, Marriott and LinkedIn, among many others, exposing millions of records containing sensitive information.
DATA BREACH PREVENTION
How to reduce the risk of data leakage?
Companies must ensure that data is adequately protected to prevent loss or theft. Where a breach has taken place, companies may need to notify the individuals affected, as well as face a negative impact on the company’s brand and customer loyalty. Under the General Data Protection Regulation, companies may face fines of up to €20 million or 4% of annual turnover.
It is possible to minimise the risk of data breaches by following a number of best practices and putting certain preventive controls in place across your organisation.
Tsaaro recommends 6 primary preventive controls to reduce the risk of data leakage:
- Up-to-date Security Software: Ensure software is updated and patched regularly to avoid weak spots for hackers to exploit.
- Regular Risk Assessments: Carry out vulnerability assessments to review and address any changes or new risks in data protection. Consider all aspects, such as data storage and remote access for employees, and ensure that policies and procedures are adequate.
- Encryption and data backup: Personal data should, at a minimum, be encrypted, including on work laptops issued to staff. Instead of using backup tapes that can be lost or stolen, data can be backed up to remote services over the Internet.
- Staff training and awareness: Train staff to follow best practices, be aware of the importance of data security and how to avoid mistakes that could lead to breaches. Awareness of sensitive data and security should be a part of the company’s culture.
- Ensure vendors and partners maintain high data protection standards: When working with other companies that may be handling your customers’ data, make sure they also have adequate systems in place to protect data.
- Third Party Data Security Evaluations: Having a third party carry out a risk evaluation allows an objective and outside view of the current breach risks. A Data Security expert can advise on the best solutions specific to each company to reduce the risk of breach. This also demonstrates a serious intention to ensure data protection.
There are proven, effective methods for preventing data breaches.
Tsaaro helps you gain visibility into the hardware and software assets in your network and physical infrastructure, which gives you a greater understanding of your organization’s security posture. An asset inventory can also be used to build categories and ratings around the threats and vulnerabilities your assets may encounter. Categories and ratings for these vulnerabilities help you prioritize the remediation work that will take place on these assets.
Data breaches put a major focus on endpoint protection. Antivirus alone is not enough to prevent a major data breach. Tsaaro offers a comprehensive endpoint solution that uses encryption to prevent data loss and leakage and enforces unified data protection policies across all your servers, networks, and endpoints, thereby reducing the risk of a data breach.
VULNERABILITY AND COMPLIANCE MANAGEMENT
Tsaaro helps you carry out vulnerability assessments to review and address any changes or new risks in data protection. Using a vulnerability and compliance management (VCM) tool, or at the very least completing a vulnerability assessment, will help you identify the gaps, weaknesses, and security misconfigurations within your physical and virtual environments. VCM can continuously monitor your infrastructure and IT assets for vulnerabilities, compliance weaknesses, and deviations from configuration best practices.
Among the benefits that help mitigate a data breach: your security team gains a better understanding of the environment’s vulnerability risks (its threat landscape) and of the priorities for remediation. A good VCM will allow you to create an action plan to remediate these vulnerabilities and assign them to the appropriate staff members.
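The two passages above describe the same workflow: rate each asset in the inventory, score scanner findings in the context of those ratings, and turn the result into an action plan with owners. The script below is an added example of that workflow, not Tsaaro's tooling or any particular VCM product; every host name, owner team, finding and weighting is constructed for illustration. It shows why context matters: a CVSS 9.8 default-credential finding on an internal wiki holding public data ranks below a CVSS 7.5 finding on an Internet-facing server that holds personal data, and a host the scanner found but the inventory does not know is surfaced as an unassigned worst-case item rather than silently dropped.

```python
"""Added example, not Tsaaro's tooling: rank vulnerability findings against an
asset inventory so that remediation is prioritised by contextual risk rather
than raw scanner severity. All hosts, owners and findings are constructed."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Asset:
    name: str
    category: str          # hardware/software class from the inventory
    owner: str             # team that receives the remediation task
    internet_facing: bool  # exposure: reachable from the Internet?
    data_sensitivity: int  # 1 = public, 2 = internal, 3 = personal/regulated


@dataclass
class Finding:
    asset: str
    issue: str
    cvss: float            # base severity reported by the scanner, 0.0-10.0
    exploit_known: bool    # public exploit or active exploitation reported


# Constructed asset inventory (hypothetical hosts and owner teams).
ASSETS = {
    "web-01": Asset("web-01", "server", "platform-team", True, 3),
    "hr-laptop-7": Asset("hr-laptop-7", "laptop", "it-desk", False, 3),
    "intranet-wiki": Asset("intranet-wiki", "server", "platform-team", False, 1),
    "fw-edge": Asset("fw-edge", "network", "netops", True, 2),
}

# Constructed scan output (issue names are illustrative, not real CVE data).
FINDINGS = [
    Finding("web-01", "outdated TLS library", 7.5, True),
    Finding("intranet-wiki", "default admin credentials", 9.8, False),
    Finding("hr-laptop-7", "full-disk encryption disabled", 6.5, False),
    Finding("fw-edge", "SNMP community string 'public'", 5.3, False),
    Finding("web-01", "directory listing enabled", 4.3, False),
    Finding("shadow-db", "unsupported database version", 5.0, False),  # not in inventory
]

# Worst-case stand-in for a host the scanner saw but the inventory does not know:
# assume Internet-facing and holding sensitive data until someone claims it.
UNKNOWN_ASSET = Asset("?", "unknown", "unassigned (not in inventory)", True, 3)

SENSITIVITY_WEIGHT = {1: 1.0, 2: 1.25, 3: 1.5}
# (minimum score, tier, remediation deadline in days); first match wins.
SLA_TIERS = [(20.0, "critical", 7), (10.0, "high", 30), (0.0, "medium", 90)]


def priority_score(finding: Finding, asset: Asset) -> float:
    """Contextual risk: scanner severity scaled by exposure, exploitability
    and the sensitivity of the data the asset holds (weights are assumptions)."""
    score = finding.cvss
    score *= 2.0 if asset.internet_facing else 1.0
    score *= 1.5 if finding.exploit_known else 1.0
    score *= SENSITIVITY_WEIGHT[asset.data_sensitivity]
    return score


def sla_for(score: float):
    """Map a risk score to a tier and a due date; the 0.0 threshold catches all."""
    for threshold, tier, due_days in SLA_TIERS:
        if score >= threshold:
            return tier, due_days
    return "medium", 90


def build_action_plan(findings, assets):
    """Return remediation items, highest risk first, each assigned to an owner."""
    plan = []
    for f in findings:
        asset = assets.get(f.asset, UNKNOWN_ASSET)
        score = priority_score(f, asset)
        tier, due_days = sla_for(score)
        plan.append({
            "asset": f.asset, "issue": f.issue, "cvss": f.cvss,
            "score": round(score, 2), "tier": tier, "due_days": due_days,
            "owner": asset.owner, "in_inventory": asset is not UNKNOWN_ASSET,
        })
    plan.sort(key=lambda item: item["score"], reverse=True)
    return plan


def plan_by_owner(plan):
    """Group the ranked plan so each team receives its own task list."""
    grouped = defaultdict(list)
    for item in plan:
        grouped[item["owner"]].append(item)
    return dict(grouped)


if __name__ == "__main__":
    for owner, items in plan_by_owner(build_action_plan(FINDINGS, ASSETS)).items():
        print(f"== {owner}")
        for it in items:
            print(f"  [{it['tier']:<8}] {it['asset']:<14} {it['issue']:<32} "
                  f"cvss={it['cvss']:<4} risk={it['score']:<6} due in {it['due_days']}d")
```

The weights and SLA thresholds are placeholders to be replaced by the organisation's own risk appetite; the structure (inventory attributes feeding a score, score feeding a deadline and an owner) is what a VCM action plan needs regardless of the numbers chosen.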
REGULAR AUDITS ON SECURITY POSTURE
Tsaaro helps you complete regular audits that identify potential new gaps in compliance or governance and validate your security posture. A security audit is a more thorough assessment of your security policies than a vulnerability assessment or penetration test. A security audit considers the dynamic nature of the organization as well as how the organization handles information security.
Common questions that may come up in the security audits could include:
– Does your organization have documented information security policies?
– Do you have a management process in place, with escalation profiles and procedures documented and tracked, and a playbook for use in the event of incidents or breaches?
– Do you have network security mechanisms in place (next-gen firewalls, IDS/IPS, EPP, etc.)?
– Do you have security and log monitoring set up?
– Are there encryption and password policies?
– Is there a Disaster Recovery & Business Continuity Plan?
– Are applications tested for security flaws?
– Is there a change management process in place at every level within the IT environment?
– How are files and media backed up? Who will be able to access this backup? Are restore procedures tested?
– Are the auditing logs reviewed? When are the security auditing logs reviewed?
TRAIN & EDUCATE YOUR STAFF
After completing your security policy audits, your organisation should enforce a written employee policy around data privacy and security. Conduct regular security training so that all employees are aware of these newly created policies, since people cannot voluntarily comply with policies they do not know. Tsaaro conducts security events and CIPT training and shares podcasts related to data privacy that present several ways of reducing the risk of data leakage.
When establishing security policy for employees, Tsaaro recommends considering training on the following:
– Controlling end-user access and privileges in line with the common policy called “least privilege”
– The use of distinct, unique passwords on computers and other devices used for work purposes
– Implementing a documented process for departing employees and vendors/contractors (revoking passwords, key cards, laptop access, etc.)
– The importance of reporting suspected data leakage, data security breaches, or insider threats
– Create a policy that describes how employees should handle, dispose of, retrieve, and send data
– Employees also need training on the types of modern phishing attacks. As discussed in our ransomware blog, phishing is the most common way for ransomware to spread within an organization. If you can train and educate your employees about the pitfalls and indicators to look for in a “phishy” looking email, your organization will be well served.
It may seem like a tedious operation to prevent data breaches. If you take a layered approach to security, with various measures, policies, and procedures to mitigate security threats, you will be in a much better state than if you allow your organization to remain complacent in the face of an ever-changing threat landscape.