High-profile data breaches remind us all that data security is a top priority for businesses. If you've recently read our security ROI blog, you may have discovered that businesses now have a one in four chance of experiencing a data breach that will cost them approximately $2.21 million over the course of the next two years. The consequences of a leak include reduced customer loyalty, distrust, potential loss of revenue and negative brand reputation.
Asset Inventory
Visibility into the hardware and software assets you own across your network and physical infrastructure will help you better understand your organization's security posture. An asset inventory can also be used to establish categories and ratings around the threats and vulnerabilities your assets may face. The categories and rankings of these vulnerabilities can help you better prioritize remediation efforts that will be deployed on these assets.
Data breaches put emphasis on endpoint protection. Antivirus is not enough to prevent a major data leak. In fact, if you rely solely on antivirus protection, you'll leave your endpoints, like desktops and laptops, exposed. Your desktop and laptop computers can become a major gateway for leaks.
A comprehensive endpoint solution uses encryption to prevent data loss and applies unified data protection policies across all your servers, networks and endpoints, reducing the risk of data leakage.
Vulnerability and Compliance Management
Using a Vulnerability and Compliance Management (VCM) tool or, at the very least, conducting a vulnerability assessment will help you identify security gaps, weaknesses, and misconfigurations within your physical and virtual environments. VCM can continuously monitor your IT infrastructure and assets for vulnerabilities and compliance weaknesses, and check them against configuration best practices.
Among the benefits that help mitigate a data breach, a VCM lets your security team better understand the vulnerability risks of the environment, i.e. the threat landscape, and the priorities regarding what needs to be corrected. A good VCM will allow you to create an action plan to address these vulnerabilities and assign them to affected staff members.
Regular security posture audits
Conducting regular audits to identify potential new compliance or governance gaps will help validate your security posture. A security audit is a more in-depth assessment of your security policies than a vulnerability assessment or penetration test. A security audit takes into account the dynamic nature of the organization as well as how it manages information security.
Common questions that may be raised during the security audit include:
- Does your organization have documented information security policies?
- Do you have a management process, escalation profiles, and documented, followed procedures and specifications for incidents or leaks?
- Have you implemented network security mechanisms (next generation firewall, IDS/IPS, EPP, etc.)?
- Do you have security monitoring and logs in place?
- Is there an encryption and password policy?
- Is there a disaster recovery and business continuity plan?
- Are applications tested for security vulnerabilities?
- Is a change management process in place at all levels of the IT environment?
- How are files and media backed up? Who will be able to access this backup? Are restoration procedures tested?
- Are audit logs reviewed? When are security audit logs reviewed?
Train and educate your staff
After completing your security policy audits, you can implement a written policy for employees regarding data privacy and security. You'll want to conduct regular security training so that all employees are aware of these newly created policies – after all, people can't voluntarily comply with policies that are unfamiliar to them. When establishing your employee security policy, you may consider training on the following:
- Controlling end-user access and privileges under the common policy called “least privilege”.
- Using varied and unique passwords on computers or other devices used for professional purposes.
- Establishing a documented system for employee and vendor/contractor departure (passwords, key cards, laptop access, etc.).
- Training employees on the importance of reporting suspected data leaks.
- Create a policy describing how employees should handle, dispose of, retrieve and send data.
Employees should also be trained on the types of modern phishing attacks. As we explained in our ransomware blog, phishing is the most common way for ransomware to spread within an organization. If you can train and educate your employees on the traps and indicators to look for in a phishing email, your organization will be well served.
You may also consider creating an ambassador within your organization who can lead and oversee these various information security training topics until their completion.
Preventing data leaks can seem like a tedious task. If you take a layered approach to security, with various measures, policies and procedures to mitigate threats, you will be in a much better position than if you allow your organization to remain relaxed in the face of an ever-changing threat landscape.