10 Ways To Reduce The Risk of A Cyber Security Data Breach


We live in a world where it is impossible to go about your daily life without having some form of your data stored with a company, whether it is your social network, your bank, your office, or even the retailers you shop with.

Data breaches are just getting bigger and bigger, with hackers getting savvier by the day at compromising this data. Companies are keeping thousands of files open for anyone in the company to access. In fact, Statista reports that as of 2015, 25% of global data required security but was not being protected.

According to the World Economic Forum, cyber-attacks are considered among the top three risks to global stability. So why aren’t more companies putting more consideration into taking care of our data?

Prevention is always better than cure. So how can you prevent data breaches from happening at your company? Let us look into some of the ways companies can reduce the risk of a cyber security data breach.

 

1) EDUCATION

All employees should be trained in cyber security best practices on a routine basis, and especially at new hire orientation. Social engineering training can be employed to routinely identify weaknesses in the process. After all, it is much easier to fool someone into giving you their password than it is to hack that password. Train staff to identify social engineering attacks and take action to prevent them.


 

2) UP-TO-DATE

Use automation tools and maintenance windows to apply security patches to any software and firmware. Waiting for employees to update these manually themselves will not cut it. Keep a log that shows objective evidence that patching has been completed.

 

3) PASSWORD POLICY

Create a secure password policy and make it mandatory for every user to follow it. A strong password makes for the basis of a strong lock. Encourage the implementation of two-factor authentication when necessary.

 

4) BACKUP

Backup, backup, backup. The 3-2-1 backup strategy, often regarded as the best practice to follow, states the rule as:

  • Keep at least three copies of your data
  • Keep the backed-up data on two different storage types
  • Keep at least one copy of the data offsite

Encrypt and safeguard the private key/passphrase for the backup offsite.

 

5) ANTI-VIRUS

At a minimum, ensure all assets have a business-class antivirus suite installed and properly functioning under a policy. Scan all assets routinely. This is easy to set up as an automatic schedule, once a week or at whatever interval you opt for.

 

6) ENCRYPTION

Apply encryption for all portable media devices that can leave the premises such as USB devices, cell phones, and laptops.


 

7) EMAIL

Your company is probably doing this already, and if it is not, it should be; apply a safelist policy that allows only specific attachment types from company business partners. Use a smart host solution to leverage additional protection.
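As an added example (not part of the original article), the Python below shows one way such an attachment safelist could be evaluated at a mail gateway. The partner domain, the allowed types, and the names `check_message` and `build_sample` are assumptions made for illustration, and the sample messages are constructed.

```python
import os
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed policy values, for illustration only.
PARTNER_DOMAINS = {"partner.example"}
ALLOWED_TYPES = {".pdf": "application/pdf", ".csv": "text/csv"}

def check_message(raw):
    """Return (verdict, reasons); verdict is 'deliver' or 'quarantine'."""
    msg = message_from_string(raw, policy=policy.default)
    attachments = list(msg.iter_attachments())
    if not attachments:
        return "deliver", []
    reasons = []
    # Assumes SPF/DKIM/DMARC were enforced upstream; From alone is spoofable.
    addr = parseaddr(str(msg.get("From", "")))[1]
    domain = addr.rpartition("@")[2].lower()
    if domain not in PARTNER_DOMAINS:
        reasons.append(f"sender domain {domain!r} is not a listed partner")
    for part in attachments:
        name = part.get_filename() or ""
        # Only the final extension counts, so 'invoice.pdf.exe' is an .exe.
        ext = os.path.splitext(name)[1].lower()
        expected = ALLOWED_TYPES.get(ext)
        declared = part.get_content_type()
        if expected is None:
            reasons.append(f"{name!r}: extension not on the safelist")
        elif declared != expected:
            reasons.append(f"{name!r}: declared type {declared} does not match {ext}")
    return ("quarantine" if reasons else "deliver"), reasons

def build_sample(sender, filename, subtype="pdf"):
    """Construct a sample message with one attachment (constructed test data)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "ap@corp.example", "Invoice"
    m.set_content("See attached.")
    m.add_attachment(b"constructed sample bytes", maintype="application",
                     subtype=subtype, filename=filename)
    return m.as_string()

if __name__ == "__main__":
    samples = [("Billing <billing@partner.example>", "invoice.pdf", "pdf"),
               ("billing@partner.example", "invoice.pdf.exe", "pdf"),
               ("billing@partner.example", "report.pdf", "x-msdownload"),
               ("someone@unknown.example", "invoice.pdf", "pdf")]
    for sender, name, subtype in samples:
        print(name, sender, check_message(build_sample(sender, name, subtype)))
```

Only the declared extension and MIME type are compared here; a production gateway would also inspect the file contents, since both values are set by the sender.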


 

8) POLICY

Create and maintain policies for security, disaster recovery, and business continuity. Enforce all policy actions and routinely test policy to identify weaknesses.

 

9) MONITOR

Continuously monitor event logs and alerts from all devices using a security information and event management (SIEM) solution. SIEM products, whether delivered as software, appliances or managed services, provide real-time analysis of security alerts generated by applications and network hardware, and are also used to log security data and generate reports for compliance purposes.

 

10) FIREWALL

Purchase at minimum a business-class firewall. Establish and maintain policies to safeguard egress and ingress traffic.


 
