[BreachExchange] How to Prevent a Data Breach

Destry Winant destry at riskbasedsecurity.com
Thu Jan 3 18:58:35 EST 2019


https://www.jdsupra.com/legalnews/how-to-prevent-a-data-breach-20378/

Virtually all businesses today collect and store some sort of
information for customers, employees, vendors, and others. From
customer account data and intellectual property to trade secrets and
proprietary corporate data, the prevalence of information in the
business environment has led to a significant rise in data breaches.
In the first quarter of 2018, Infosecurity Magazine noted that almost
1.4 billion records were exposed in 686 reported breaches. And, it’s
not just a problem for large corporations.

Small and mid-sized companies with fewer data security resources are
particularly vulnerable to theft, loss and the mistaken release of
private information. As a result, it’s important for businesses of
every size to take steps to prevent data breaches. Being aware should
always be the first step in mitigating security threats, but there are
a few other ways to protect critical assets.

Knowledge is Power

It can be difficult to keep personnel ahead of the learning curve for
threat detection and response. Hackers and malicious insiders have a
seemingly endless bag of tricks from which to pull. Add to this
well-meaning insider breaches that can be caused by such things as
broken business processes, and you have a recipe for cyber disaster.

End-user security awareness and data loss prevention training are huge
benefits when done often and in such a way as to create a more
security-minded culture. By implementing cyber literacy training at
all levels of your organization, you help eliminate human errors that
could lead to a breach and help employees become more astute at
noticing suspicious behavior. Employees should know what types of
information are sensitive or confidential and what their
responsibilities are to protect that data.

More advanced cyber training is appropriate for enabling IT and
security teams to continuously improve their strategy and actively
reduce risk. Training in such areas as threat intelligence, malware
analysis and cyber forensics promotes greater knowledge of threats and
vulnerabilities.

Keep Only What’s Needed

It’s important to keep an inventory of the type and quantity of
information in files and on computers so you know what you have and
where you have it. By reducing the volume of information you collect
to only what’s absolutely needed, you can minimize the number of
places you store private data and, thus, reduce the opportunities for
a breach.

The use of a remote data backup service can provide a safe and
effective means for backing up information without using tapes that
can be lost or stolen. If you choose to keep your data in-house,
remember that deleting files or reformatting hard drives does not
erase information. Instead, use software designed to permanently wipe
the hard drive, or physically destroy the drive itself. And, be
mindful of photocopy machines, which often scan (and retain an image
of) a document before copying. Their settings should be changed after
each use to clear the stored data.

Monitor What Comes In and What Goes Out

The use of Social Security numbers as employee IDs or client account
numbers is a prime way to invite hackers in. If this is a policy your
organization practices, it’s time to implement another ID system and
update your procedures — pronto.

Good data loss prevention technology allows you to set rules and,
based on those rules, block content that you do not want to enter or
leave the network. It’s an effective measure for safeguarding personal
data and restricting access. So many breaches today occur because
employees visit malicious or compromised websites that can exploit a
machine, putting an entire network at risk. Being able to block where
insiders go is key to a good security policy.
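The "set rules and block content" idea above, worked through as an added example that is not part of the article: a minimal outbound DLP rule that flags Social Security numbers in message text before it leaves the network. The regular expression, the SSA structural checks (area never 000, 666 or 900-999; group and serial never all zeros) and the sample messages are this example's own assumptions, not a description of any particular DLP product.

```python
import re
from dataclasses import dataclass

# Candidate SSN: three, two and four digit groups joined by one consistent
# separator (dash or space). Requiring a separator and bounding the run with
# digit look-arounds keeps phone numbers and long order ids from matching.
SSN_CANDIDATE = re.compile(r"(?<!\d)(\d{3})([- ])(\d{2})\2(\d{4})(?!\d)")


def looks_like_ssn(area: str, group: str, serial: str) -> bool:
    """Apply the SSA's structural rules to a regex candidate."""
    a = int(area)
    if a == 0 or a == 666 or a >= 900:
        return False
    return int(group) != 0 and int(serial) != 0


def find_ssns(text: str) -> list[str]:
    """Return every candidate in `text` that passes the structural checks."""
    return [
        m.group(0)
        for m in SSN_CANDIDATE.finditer(text)
        if looks_like_ssn(m.group(1), m.group(3), m.group(4))
    ]


@dataclass
class Verdict:
    action: str  # "allow" or "block"
    reason: str


def evaluate_outbound(text: str, threshold: int = 1) -> Verdict:
    """DLP rule: block an outbound message carrying `threshold` or more SSNs.
    The alert text is redacted so the log entry itself does not leak the data."""
    hits = find_ssns(text)
    if len(hits) >= threshold:
        redacted = ", ".join("***-**-" + h[-4:] for h in hits)
        return Verdict("block", f"{len(hits)} SSN(s) detected: {redacted}")
    return Verdict("allow", "no SSN patterns found")


if __name__ == "__main__":
    # Constructed sample messages; the numbers are placeholders, not real SSNs.
    for msg in ("Employee ID 123-45-6789 attached",
                "Call 555-123-4567 about order 987654321",
                "Quarterly report attached"):
        print(evaluate_outbound(msg))
```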

With the right training, key personnel such as your HR person or
compliance officer can know how to effectively review insider behavior
that could lead to a data breach.

Assess Your Vulnerabilities, Often

Once a quarter isn’t enough when it comes to performing vulnerability
assessments. System scans should ideally be done weekly, and every
system in the network should be assessed. This is especially important
when a new service is added to the network, new equipment is
installed, or additional ports are opened. Look at computer systems,
applications and your network infrastructure, both wired and wireless
networks, internal and external.

The process of defining, identifying, classifying, prioritizing and
training against cyber-attacks cannot be overstated. Having the
necessary knowledge, awareness and risk background to understand
threats and the ability to react appropriately to them is priceless.
