You hear about security breaches in the news and the financial and reputational damage they can cause—but how do you know if your business is protected?
Hackers work to gain information through various avenues, including phishing emails, viruses, password detection, or unencrypted Wi-Fi. You may have the foundational infrastructure in place to protect your networking and data management platforms, but what are the best practices to avoid becoming a target?
You can have the best security infrastructure available, but hackers can still access a key area of vulnerability for many companies—employees. In a survey conducted by CompTIA, 63 percent of respondents use their work mobile devices for personal activity, 95 percent connect their laptops and mobile devices to public Wi-Fi networks, and 45 percent said they have not received cybersecurity training from their employers. So how can you protect your company from risk? Here are three tips:
- Control access points and create limited levels of access for authorized users only. Authorized users can help to track and manage who is accessing your data.
- Have your employees trained on how to recognize and respond to social engineering tactics. Employees should avoid dangerous applications, understand password parameters and recognize phishing emails. They should also understand what to do if they recognize a potential threat.
- Have a user activity monitoring (UAM) platform in place. A UAM platform helps organizations rapidly detect and respond to the most critical security incidents inside the network. This technology will help identify suspicious activity.
The ongoing creation of new cybersecurity threats reminds me of a scene in the movie Vegas Vacation. Chevy Chase is touring the Hoover Dam and experiencing leaks in the wall. As soon as he patches one leak with gum, another appears, and then another and another… How do you maintain security in an environment with constant threats?
- Monitor your applications. Applications are great for function and productivity, but they can also be an easy target for hackers. Make sure you configure application monitoring software to align business systems. This will allow you to rank your applications in order of importance so applications are regularly tested and you are notified of an application’s status.
- Keep a detailed log of maintenance activities to monitor and identify security vulnerabilities and troubleshoot as needed.
- Stay updated on security maintenance. Many security breaches are a result of systems not being updated. In a survey conducted by BMC and Forbes Insights, respondents said that 44 percent of security breaches occurred after vulnerabilities and solutions were identified but not addressed in a timely manner.
Planning and Guidance:
What happens if you do have a breach and how do you ensure you are in compliance?
- Implement a data breach response plan and have the proper policies and procedures in place to minimize impact and downtime.
- Review compliance guidelines, including the Health Insurance Portability and Accountability Act (HIPAA), and ensure you’re aligned with industry regulators such as the Payment Card Industry (PCI) security standards and the International Organization for Standardization (ISO) standards, if they apply to your business.
- Have monitoring and risk assessments on all systems, assets and devices. These will help you identify and analyze areas of weakness.
Following these best practices and having the proper processes in place will give you the confidence to successfully protect your business from cybercriminals.
About the Author
Becky Palmer is a Marketing Manager within Tech Data’s new Security and Information Management business unit. She currently manages security and storage software vendors that are part of Tech Data’s security solutions portfolio, which can be summed up in three words: detect, protect and remediate. Join the conversation at @TechDataSecInf