[BreachExchange] Four ways to prevent data breaches
Destry Winant
destry at riskbasedsecurity.com
Mon Mar 30 10:27:20 EDT 2020
https://www.helpnetsecurity.com/2020/03/27/prevent-data-breaches/
When it comes to breaches, there are no big fish, small fish, or
hiding spots. Almost every type of organization – including yours –
has critical personally identifiable information (PII) stored. Storing
PII makes you a target regardless of size, industry, or other
variables, and all it takes is one employee thinking a phishing
attempt is legitimate. That means everyone’s at risk.
Statistics show that data breaches are on the rise and can bring
devastating, long-term financial and reputational repercussions to
your organization. The 2019 Cost of a Data Breach Report, conducted by
the Ponemon Institute for IBM Security, puts the global average total
cost of a data breach at close to $4 million (the average for U.S.
organizations is considerably higher), and the average cost per lost
or stolen record at around $150.
Breaches happen in so many ways, a one-size-fits-all solution doesn’t
exist. Security requires a multifaceted approach to be successful.
Here are four ways (plus one) your organization can beef up its data
security barriers and prevent data breaches.
1. Train employees
Put all new employees through data security training and require all
employees to take a refresher course at the start of every year, so
the latest security guidelines are fresh in their minds.
While this type of training can be dull, it only takes a few minutes
to cover the essential details. For example, employees should:
- Treat all devices (e.g., desktops, laptops, tablets, phones) as
being capable of accessing the organization's systems
- Never write down or leave a record of passwords where others can
easily find them
- Be extra suspicious of emails or phone calls from unverified people
requesting passwords or other sensitive information (there is more on
that last one below)
Incorporate some up-to-date breach statistics to help convey the
seriousness and pervasiveness of threats and the possible financial
ramifications.
2. Simulate phishing attacks
Many security issues are the result of human error, such as clicking
on a link in a malicious email.
Spear phishing attempts – i.e., highly targeted and customized
phishing efforts – tend to lead to more breaches because they target
specific personnel. The messages may reference a department or regular
job function and can appear similar to other relevant messages in the
target’s inbox on any given day.
Free and paid phishing simulators let you test your employees'
ability to detect phishing by sending them realistic lure emails
yourself. The tool records who clicked, entered credentials or
reported the message, and provides alerts and reports on the results.
Using one of these simulators, you can put your employees through
active training to help them become more secure.
Remind staff to double-check any time they are not completely certain
an email is legitimate. If a message looks even slightly off or out of
the ordinary, even from a sender they know, they should not click,
reply or open attachments; instead they should verify with the sender
through a separately known channel (a phone number or chat contact,
not the details given in the message) or report it to the IT or
security team.
3. Evaluate accounts
How often does your IT team evaluate existing accounts? It can
undoubtedly be a complicated process, but evaluating all of the
activated accounts within your organization can go a long way in
shoring up security and minimizing digital bloat.
Are there orphaned accounts floating around within your organization
that former employees can still access? Are there review processes for
determining and updating what different users should be able to access
as their position within the organization changes?
The best time of year to evaluate accounts may be when you update
everyone’s accounts from the previous year. If the time to sit down
and evaluate accounts continually eludes your IT team, have them chip
away at it between other processes, or have them schedule it as a
larger project during less demanding months.
4. Review your user account lifecycle processes
What is the standard process for deactivating accounts when employees
leave your organization or outside consultants are no longer providing
services? These departures, whether or not they involve immediate
security concerns, are the most significant source of orphaned
accounts in your systems.
Whether deactivation is handled manually or automated, it is crucial
that it happens promptly and covers every place the person had access:
the central directory or SSO provider, but also cloud and SaaS
applications, VPN accounts, shared mailboxes, and any API keys or
shared passwords the person knew. In many systems, disabling a login
does not end sessions or tokens that are already active, so
deactivation should also revoke those. Review your organization's
deactivation process for how fast it runs and how complete its
coverage is.
Rapid, complete deprovisioning is invaluable, and it gives the account
review in the previous step far less to clean up.
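The account review in step 3 and the lifecycle process in step 4 both come down to one reconciliation: compare what the identity store says exists against what HR says should exist, and look at last-login dates. The following is an added example written for this post, not code from the article or from any product. It uses constructed CSV data inline; the column names (username, enabled, last_login, groups, status, end_date) and the list of privileged group names are assumptions standing in for whatever your directory and HR exports actually contain.

```python
"""Reconcile an account export against the HR roster to find accounts
that need action: no HR owner, owner has departed, or long unused.
Findings in privileged groups are flagged so they can be handled first.
All data and column names below are constructed for illustration."""
import csv
import io
from datetime import date

# Constructed HR roster: who should have access as of the review date.
# end_date is blank for current staff; contractors carry their contract end.
HR_ROSTER_CSV = """employee_id,username,status,end_date
1001,alice,active,
1002,bob,active,
1003,carol,terminated,2020-02-14
1004,dave,contractor,2020-03-15
"""

# Constructed export from a directory or SSO portal (one row per account).
ACCOUNTS_CSV = """username,enabled,last_login,groups
alice,true,2020-03-27,staff
bob,true,2019-11-02,staff;finance-admins
carol,true,2020-03-01,staff
dave,true,2020-03-20,staff;vpn
svc_backup,true,2020-03-28,backup-operators
eve,true,2018-06-30,staff
frank,false,2019-01-10,staff
"""

# Assumed set of group names that grant privileged access.
PRIVILEGED_GROUPS = {"finance-admins", "backup-operators", "domain-admins"}

# Date the review is run against (fixed so the example is reproducible).
REVIEW_DATE = date(2020, 3, 30)


def load_csv(text):
    """Parse CSV text into a list of dict rows keyed by the header."""
    return list(csv.DictReader(io.StringIO(text)))


def review_accounts(accounts_csv, hr_csv, as_of, stale_after_days=90):
    """Return {username: {"issues": [...], "privileged": bool}} for every
    enabled account that needs attention. Disabled accounts are skipped."""
    roster = {row["username"]: row for row in load_csv(hr_csv)}
    findings = {}
    for acct in load_csv(accounts_csv):
        if acct["enabled"].strip().lower() != "true":
            continue  # already deactivated; nothing to do
        user = acct["username"]
        last_login = date.fromisoformat(acct["last_login"])
        issues = []

        person = roster.get(user)
        if person is None:
            # Nobody in HR owns this login: orphaned, or an unowned service account.
            issues.append("no HR record: unowned or orphaned account")
        else:
            end = date.fromisoformat(person["end_date"]) if person["end_date"] else None
            departed = person["status"] == "terminated" or (end is not None and end <= as_of)
            if departed:
                issues.append("owner departed: deactivate")
                # A login after the departure date means the account was used
                # after the person should have lost access: investigate, not just disable.
                if end is not None and last_login > end:
                    issues.append("login after departure date: investigate")

        idle_days = (as_of - last_login).days
        if idle_days > stale_after_days:
            issues.append(f"no login in {idle_days} days: confirm still needed")

        if issues:
            groups = set(acct["groups"].split(";"))
            findings[user] = {
                "issues": issues,
                "privileged": bool(groups & PRIVILEGED_GROUPS),
            }
    return findings


if __name__ == "__main__":
    results = review_accounts(ACCOUNTS_CSV, HR_ROSTER_CSV, REVIEW_DATE)
    # Privileged findings first, then alphabetical.
    for user in sorted(results, key=lambda u: (not results[u]["privileged"], u)):
        tag = "PRIVILEGED" if results[user]["privileged"] else "standard"
        print(f"{user:<12} [{tag}]")
        for issue in results[user]["issues"]:
            print(f"    - {issue}")
```

Run against the constructed data, alice is clean and frank is already disabled, while bob (a privileged account idle for months), carol and dave (both departed, both logged in after their end date), svc_backup (privileged, no owner) and eve (no owner, unused for years) come out as findings. In practice the two CSVs would be the real HR and directory exports, and the same join can be run on a schedule so the review in step 3 stops being a once-a-year project.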
Side note: Consider implementing a secure SSO solution
Having a single point of entry for the majority of your systems and
applications makes things easier for employees: users need to remember
only one set of credentials, and administrators can put resources
behind stronger restrictions without making access harder. The flip
side is that the SSO provider becomes the single most valuable target
in your environment, so it must itself be protected with multi-factor
authentication, and the account deactivation described above must
reach it first. Configurable security settings, like date and time
restrictions, let administrators control their environment even as
systems and applications are extended to the cloud.
Applications and systems containing certain sensitive information can
be made inaccessible from anywhere other than specific physical
locations to help prevent risks, and secure portals can maintain logs
of user activity, including when and how information is accessed.
Your organization’s data is one of its most valuable resources.
Protecting it doesn’t have to be complicated or expensive, but it must
be done right. Strengthen your organization’s data security practices
today by starting to implement some or all of these practices.