For IT administrators, keeping up with security can get overwhelming. Keep up with software patches, secure the endpoint, monitor incoming and outgoing traffic, and the list goes on. Even with all that, it feels like the data is still not secure.
IT has traditionally focused on perimeter security and network-based monitoring to detect when outsiders are coming into the network and trying to access data. Or worrying about what devices the attacker may try to use. The problem is, once the adversary has made it into the network, that no longer looks like malicious. If the breach was the result of stolen user account credentials, that attacker now looks like a normal user, with all the privileges and rights granted to that account.
Keeping that in mind, IT needs to shift their energies to a more data-centric view of security. It doesn’t pay to have all kinds of secure authentication and network monitoring tools in place, if once in, all the data is in plain text and accessible through the database.
Administrators need to think about data protection – both for data at rest and while in transit. Below, we go over five things to keep in mind when protecting data from criminals, spies, and malicious insiders.
1. Identify your data security needs
The first step is to really understand what kind of data you have in the first place. Security is not about protecting every single file and information the same way, but rather, about applying appropriate levels of protection to different types of data. A proper audit will help identify all instances of data that needs higher levels of protection because of compliance reasons, to be in line with security best practices, or because they happen to be the company’s crown jewels.
2. Encrypt the data
Encryption is a critical part of data-centric security. The file is encrypted using a strong encryption algorithm so that even when attackers breach the network barriers, the information is not accessible. Selecting strong encryption is important, as there is no security in using algorithms that have already been found to be weak or easy to brute-force.
Encryption doesn’t apply to just data on servers and databases, but on endpoint devices, such as portable hard drives, laptops and USB sticks. That way, even if the device is lost, the information doesn’t get exposed.
3. Emphasize strong passwords
Employees need to be reminded to select strong passwords so that attackers can’t just brute-force their way into applications and servers to steal data. The IT department also has to make sure there are no default passwords or hard-coded passwords that can give attackers a backdoor into the network. Whether we are talking about default passwords for printers, VoIP systems, or content management systems, enemies try to break in using default login credentials.
4. Transfer files securely
Have policies set up so that employees know they shouldn’t just email sensitive documents around. Instead, they should be using secure file transfer services, where users can send encrypted messages or use secure networks to ensure the information does not leave corporate servers. The same policies should remind employees they shouldn’t be using open wireless networks without the protection of VPNs. Sending files to people over an open wireless network means anyone eavesdropping on the network would be able to intercept that file. Users should have access to encrypted USB drives for file transfer, as well.
5. Look into data leak prevention (DLP)
Invest in data leak prevention to make sure files are not leaving the enterprise network without authorization. DLP ensures that insiders aren’t sending out data without proper protection, but also any malicious file transfers that may be occurring.
If you take steps to protect the data within the network, you make it harder for attackers to walk off with sensitive data. Perpetrators will take any data they can find on the company servers, such as Social Security numbers, email addresses, invoices, or credit card numbers, and just sell them for quick cash. Using these steps, IT administrators can drive up the cost of attack by making the stolen data hard to use, making it likely attackers will just move onto a weaker and easier target.Tags: IT Security,Technology