Recently, we looked at the differences between data breaches and data hacks. We also highlighted some similarities between them, most notably that in the aftermath of a security incident (accidental or deliberate) time is of the essence. But do you know what’s even wiser than acting rapidly? Avoiding security incidents entirely!
To help you do this in your organization, here are some best practices for preventing data breaches and data hacks. Implementing these as part of your infrastructure and culture can greatly minimize the volume, frequency and severity of security incidents.
Train employees to recognize phishing scams
Most data breaches start when a negligent employee clicks on a malicious link or downloads a malicious attachment in a phishing email. These emails are becoming increasingly hard to recognize, because hackers spoof email addresses and pretend to be someone trusted and familiar (e.g. customer, client, supplier, etc.). You want your employees to exercise extreme caution and be vigilant at all times. When in doubt, they should contact the security team before clicking links or downloading attachments.
Furthermore, talk regularly and openly with employees about physical machine/device and digital safety, and take the time to discuss new cyber threats. Employees who feel like they are part of the solution will feel a greater sense of responsibility and accountability.
Implement the right tools to protect your dataYou need to guard your organization’s entire surface area with the right tools, including:
- A secure VPN to channel data into and out of the network through encrypted tunnels. If you need some help deciding which VPN is right for you, here’s a review of some of the most popular solutions.
- A firewall, which can be software- or hardware-based. Once installed, a firewall helps protect your network against hacking attempts, while also filtering out other types of unwanted traffic.
- Vulnerability management software like Rapid7 or Nessus Professional, which patches security flaws before hackers exploit them. There are also free vulnerability scanners for websites like Nikto or Wpscan. Hackers scan thousands of websites an hour looking for vulnerabilities that will allow them to break in.
- A robust password manager, like Devolutions Password Server or Devolutions Hub, that offers features such as password rotation, a password generator, and real-time email alerts in the event of unauthorized or fraudulent access attempts. Remember that the vast majority of data breaches are caused by stolen or weak credentials.
Don’t forget mobile devices
We often forget about mobile devices in the workplace, but hackers don’t because this is an easy entry point to the network. By using unprotected Wi-Fi networks or simply downloading malware-laden apps, end users run the risk of opening the door to whatever is stored on their device.
Stay in the know
I know you’re already busy, but you need to stay up-to-date on the latest risks and threats. These days, basic knowledge is simply not enough to protect against sophisticated cyber attacks. Hackers are getting more and more innovative and creative — and you have to keep up! Two good sources to regularly check out are Information Security News and The Hacker News.
Strengthen network security
End users in your organization may be unintentionally providing an easy access route to your servers. To prevent this, ensure that logins expire after a short period of inactivity, and that each time devices are plugged into the network they are scanned for malware.
With software updates, it’s always better for your digital and cyber security the sooner it’s done. Many harmful malware attacks take advantage of software vulnerabilities, which is why software updates are vital, as the updates often include critical patches to security holes. Hackers can scan thousands of websites an hour looking for vulnerabilities that will allow them to break in. Software Updater programs, like Patch My PC Updater, FileHippo or Thor Free, will help you keep all your software updated to their latest versions.
Data hacks and data breaches are unfortunate realities that all organizations must face — especially SMBs, which have become ground zero for cyber crime. Will implementing these best practices make your endpoints, servers and network “bulletproof” against both accidental and deliberate data theft? Unfortunately, the answer is no. But they will go a long way towards helping you minimize the volume, frequency and severity of security incidents (while helping you sleep better at night!).