[BreachExchange] Five ways to prevent data leaks
Audrey McNeil
audrey at riskbasedsecurity.com
Mon Feb 13 17:59:01 EST 2017
https://www.helpnetsecurity.com/2017/02/13/prevent-data-leaks/
The story still strikes fear into the hearts of IT departments: As many as
70 million credit- and debit card accounts were compromised in less than a
month during the Target data breach. While Target’s internal security team
was using all of the right protocols, it was an external contractor who
ultimately provided the way in. No matter how locked down an IT department
is, most breaches occur when a third-party provider is involved, allowing
the leakage of critical data such as passwords or IP.
Any business running multiple cloud-based apps—and today, that’s most of
us—runs a high risk of exposure through data leakage. Here are five ways to
keep data protected, and secure this year.
1. Identify critical data
First, businesses must recognize how to identify their own critical data.
This means being able to categorize what data is in need of the most
protection and how to utilize data loss prevention (DLP) software to
protect any sensitive information. Depending on industry, this could mean
PHI, financial statements and blueprint or strategy checks.
Since DLP relies heavily on proper classification of information,
organizations should actualize a data protection strategy, primarily
targeting sensitive documents and their handling. This is a progressive
strategy; you can’t tackle everything at once. First, classify types of
data to the concise policies of your organization. Prioritize small modules
and target key endpoints to provide employees with learning opportunities
before wider deployment. Then take an objective review period for initial
results.
2. Monitor access and activity
The next step in preventing data leakage is to closely monitor traffic on
all networks. The ability to automatically discover, map and track what is
deployed across your entire business infrastructure provides a picture of
your network in real-time.
Because the average hacker conducts reconnaissance within a network for six
months before actually breaching a system, businesses need to identify
anomalous behavior before a breach occurs. Monitoring tools supervise
access and activity, notifying administrators of red flags when an employee
downloads, copies or deletes information.
A Data Activity Monitoring (DAM) solution can provide another layer of
protection by detecting unauthorized actions. While a DLP’s focal point is
on network and endpoints, DAM targets database activity. Using both
solutions concurrently provides broader protection through the layered use
of monitoring and alerts, and blocking suspicious users or activities
remotely.
3. Utilize encryption
If your business has not already done so, you should consider encrypting
any private, confidential or sensitive information. While encryption is not
impenetrable, it remains one of the best ways to keep data secure. A
carefully implemented encryption and key management process renders stolen
data unreadable and useless.
Enabling encryption across different points of your network—including data
at rest and in transit—can provide significant protection from even the
most advanced attacks. Businesses should enable a layered defense system
through proactively monitored and managed encrypted networks.
4. Lock down the network
Being able to lock down your network needs to be be a primary focus of
prevention efforts. With the rise of mobile technology, data leakage also
is experiencing an uptick. While many employees are aware of the steps that
must be taken to safeguard sensitive data, some simply do not recognize
their practices as unsafe. This can be mitigated by frequent tutorials and
practice testing of good practices.
5. Endpoint security
Since data also leaves networks through exit points within IT
infrastructure, businesses can more effectively manage data loss risk by
choosing DLP solutions that monitor and act at these exit points. This
allows IT staff to determine what confidential information is leaving and
when and through what specific channel or device.
With the BYOD trend growing in businesses of all sizes, endpoint management
needs to be an essential part of your company’s security. Securing BYOD has
become much more difficult, due to both geography and the multitude of
platforms that must be supported, but the placement of effective controls
can enable companies to follow the movement of data.
Retaining central control with the ability to monitor personal devices
connected to corporate networks allows holistic observations of your
network. Without this endpoint protection, data breaches can go
unrecognized for longer periods of time, exacerbating vulnerabilities.
Beyond the fundamental steps to secure data, such as network firewalls,
intrusion prevention systems, secure Web gateways and endpoint protection
tools, more effective threat response begins with advanced security
monitoring, as previously mentioned. Employing effective security
technologies, as well as implementing best practices, can go a long way in
preventing data leakage.
A multi-step solution
The keys to preventing data leakage are manifold. Identifying critical
data, monitoring access and activity with a combination of DLP or DAM
solutions, utilizing encryption, retaining control of your network and
using endpoint security measures all equal a fine-tuned and customizable
program to protect your entire organization.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170213/95610f1e/attachment.html>
More information about the BreachExchange
mailing list