In today’s data-driven world, security threats are no longer limited to top-tier Fortune 100 companies. Security breaches are a growing threat to companies of all sizes, ranging from SMBs to global conglomerates — and it’s every employee’s responsibility to help stop them.
This concerning trend is what prompted me to sit down with Tech Data’s Security and Information Management Director, Tracy Holtz, to map out top threats and best practices for maintaining security hygiene. Together, we identified these three keys to protecting your organization with a clean, multi-layered approach.
There Are Bigger Phish to Fry
Phishing and malware threats are not the most blatantly obvious scams they were a decade ago. They’ve become much smarter, much stealthier and much more security crippling. According to Verizon’s 2016 Data Breach Investigations Report, email attachments are now the No. 1 delivery vehicle for malware, hooking victims with increasingly clever, targeted phishing attacks.
Unfortunately, this is a pattern we’re seeing with other malware threats like ransomware, backstabbing, and extortion attacks. In fact, Tech Data malware researchers discovered that the ransomware Chimera can encrypt files in 18 seconds.
In the time it likely takes you to restart your computer, a ransomware attack could completely cripple your security system and take your data hostage.
To keep your organization safe in an increasingly complex security landscape, Tracy and I recommend partnering with trusted security experts to perform a network architecture audit.
For example, resellers often partner with Tech Data's team of engineers and cloud experts to identify potential risks and loopholes in their security infrastructure. Once these weak spots are identified, Tech Data's security professionals then suggest “patches” to boost the reseller’s security system. With this approach, all system updates work as a cohesive unit to reduce attacks, minimize system flaws, and stay one step ahead of the enemy at all times.
A Smart Team Is a Strong Team
The phrase “the best defense is a strong offense” is just as applicable to security as it is to sports. And one of the easiest ways to boost your security offense is to arm the frontline of your organization with consistent, ongoing education.
Phishing attacks increased by 250 percent in just the first quarter of 2016, leaving 123,000 sites infected by March, according to APWG’s Phishing Activity Trends Report.
This highlights two specific problems:
- Phishing attacks have become much more sophisticated.
- Employees aren’t receiving the regular training they need to adapt to emerging threats.
For this reason, Tracy and I recommend making continued education, which includes everything from case studies and handouts to webinars and in-person workshops – a priority to keep employees vigilant and aware of suspicious behavior.
As the old adage goes, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” The same concept holds true here: coaching employees to think like attackers empowers them to adapt, react, and even prevent suspicious activity before it escalates into a full-scale breach.
The Silver Lining in the Cloud
You don’t necessarily need more control over your data’s physical location to maintain system security. You can boost your security efforts by simply understanding your system’s requirements and carefully controlling accessibility whether it’s on-premises or in the cloud. This means deploying a cloud-based system isn’t the leap of faith some might have expected.
However, you don’t have to dive into cloud deployments headfirst. You can ease your way in with a hybrid cloud approach, which allows you to backup and store sensitive data in a secure location in the event of a cyberattack. But, no matter where you store your organization’s data — on-premises, at a farm, or a hybrid of the two — it’s essential to understand your data storage setup in order to protect it and implement an effective backup recovery system.
Cloud computing is the way of the future, and you’re just a few steps away from a seamless transition. To stay tuned on the latest cloud computing trends and insights, follow me on Twitter @snethercoat.