Elvis Jones, Executive Chronicles | The recent trend towards online data collection means that more sensitive information than ever before is being stored by businesses of all sizes. Personally identifiable information, including names, addresses, financial data, and even Social Security numbers, is being amassed in databases too numerous to count. The end result is that every organization, large and small, needs to reevaluate its information security practices, and often develop a whole new approach to safeguarding data.
The first thing every business needs to address is its own employees. Phishing and infected file downloads remain an easy way for an attacker to gain entry to internal computer systems. Clear and specific employee internet and email use policies must be developed and enforced at all levels. An employee cybersecurity education program can also go a long way in ensuring that everyone with legitimate access to business systems is aware of the possible threats as well as their own responsibility for keeping data safe and secure.
Ensuring that every device attached to a business network is fully secured and in compliance with a security policy can be a massive challenge for any business. These days, employees are carrying personal smartphones and tablets that are often used to carry out business tasks. It is important to maintain flexibility in the use of these devices while also ensuring that business data being accessed on them remains secure. The creation of a personal device policy will help to keep these devices from becoming a problem. Insistence on security updates and standardized configuration is an excellent place to start, as well as making I.T. staff available for troubleshooting and maintenance.
Another option for mobile devices is to deploy a mobile virtualization platform. By delivering business assets to a device in a virtualized container, data security can be maintained because the device never physically holds the sensitive information in the first place. Additionally, a lost or stolen device can be immediately detached from the business network, leaving no trace of data on the device to be retrieved by a third party.
Proactive Defensive Measures
Even if every available preventative measure has been employed, it is still vital to monitor all business networks and devices for potential threats. Fortunately, managed detection and response services are evolving quickly to meet new and emerging security vulnerabilities. Commonly, these services will monitor network traffic, email, and all endpoints to detect suspicious activity. By analyzing the data gleaned from the network and devices, threats and intrusions can be caught and oftentimes halted in progress. The major advantage of these service providers is that they are equipped for full-time threat detection, since a business is just as vulnerable outside of operating hours as it is while open.
If all else fails, a thorough and complete disaster recovery plan can serve as the last line of defense for a business. By utilizing full system backups with bare-metal recovery capabilities, a business can be assured of continuity even if its systems are completely destroyed. This is especially important given the recent rise in high-profile ransomware attacks. If business data is targeted for deletion or encryption by a ransomware attack, the threat is far more easily contained or mitigated if there is a protected replica of all data.
The Layered Approach
It’s important to remember that there’s no single way to protect against every attack vector. By utilizing and maintaining a mix of strategies that range from the proactive to the reactive, a business can defend against the broadest range of threats and recover in the event of a breach. With a little forethought, an integrated data security plan can provide business-critical protection even in the worst of scenarios. Most importantly, a solid plan will create an environment where everyone with access to critical data always has one eye focused on security.