[BreachExchange] Why Your Startup Needs To Monitor Who Can Access Your Network
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Jan 22 10:50:54 EST 2019
http://www.youngupstarts.com/2019/01/19/why-your-startup-needs-to-monitor-who-can-access-your-network/
There’s a fundamental difference between the sensitive data that your
business stores, and the publicly accessible information that you hold. For
hackers, that difference could be the key to gaining access to everything
that you store, and your business will be at major risk of disruption.
Access is one of the most important factors to consider when looking at
online security, and monitoring who can access certain levels of data
sensitivity can go a long way to boosting your security levels.
With up to 63% of data breaches occurring due to weak staff security,
access restriction should be one of the first things to consider when it
comes to online safety.
First Steps.
One of the first things to do is to segment your data so that you know what
is sensitive. Categorizing your data will mean that you have a greater
understanding of when and where to be more security conscious. Your
sensitive data will need additional levels of security, and you should
consider encryption or even two-factor verification alongside the decision
of who should have access to that data. You should also consider making use
of audit logs so that you have a quick way to assess suspicious behavior.
Who Has Access?
People are always going the be the weakest link when it comes to online
security. The majority of data breaches have been caused by human error,
and that can make your data much more vulnerable. As well as ensuring that
only those employees that need data access have it, you should also ensure
that every employee receives some form of training on the importance of
strong passwords, and are kept up to date on the latest phishing trends and
scams.
BYOD Concerns.
One of the challenges of online security is the fact that so many
businesses are using a Bring Your Own Device mentality. When your workforce
are using their personal phones and tablets, plugging them into business
technology, your data becomes much more exposed to potential threats.
Again, this means making sure that your team are aware of the potential
dangers to both them and you.
Establish Control.
The more control that you have over your access points, the stronger your
online security will be. Information security management is more
challenging when you’re a small startup, and the temptation is to use your
minimal resources and just grant data access to everyone in your team. When
you’re using freelancers as well, this can leave your security very open
and exposed. Make sure that you constantly check your access permissions.
Admin tools allow you to take control over who has access, and new team
members can be easily added, while temporary workers can be removed from
access listings quickly and easily.
Always make sure that you know just who in your team has access to your
data, as well as understanding just what that data is. The more that you
understand about endpoint security and access control, the safer your
business will be. Restricting access across the board will mean that you
are making it much harder for cybercriminals to gain access to your data
and potentially ruin your business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20190122/ed058cf6/attachment.html>
More information about the BreachExchange
mailing list