Let’s jump in and learn:
Steps to Prevent Data Breaches
Data breaches that make the news usually feature large, name-brand companies. This can make smaller organizations think that they are too small or unimportant to be targeted, but this is incorrect. Organizations of all types and sizes are regularly victims of data breaches.
Following are the best ways to prevent data breaches.
- Network monitoring and file server monitoring: Detect suspicious activity with real-time monitoring that identifies potential data breaches. From unauthorized network access to unusual file activity, network monitoring and file server monitoring (e.g., data loss prevention, content management and governance) systems provide continuous protection and a log of all activity.
- Data use, management, storage, and maintenance plan: Establish, maintain, and enforce security policies for all data. Remember that data stored digitally and physically are targets for data breaches.
A least-privilege approach to data should be adopted. That is, only provide enough access for individuals to complete their jobs. Once data is no longer needed, it should be destroyed.
It is critical to know what data is sensitive and where it is located. Data backups and restore plans must be in place.
- Regular security audits: Ongoing data security oversight ensures that systems are working and any incidents are identified and remediated before they allow data breaches. Security audits periodically review processes and procedures to identify gaps in data security compliance and governance.
- Response plan for data breaches: Preparation is the best defense for data breaches. If prevention measures for data breaches fail, having a response plan will significantly minimize loss and damage.
A playbook for responding to data breaches will help with understanding potential damage and losses, limit lost productivity, and expedite recovery. It will serve as a foundation for prepping the executive team and corporate communications unit. Also, knowing what sensitive files are stored, where they are, and who has access helps with recovery from data breaches.
- Work from home plan: Understanding where threats exist when some or all employees are working remotely is crucial to guarding against data breaches. Consider offsite threats like unsecured Wi-Fi and determine how to best drive user adoption of preventative measures.
- Asset inventory: Maintain and monitor all hardware and software assets on networks and in physical locations. Alerts should be triggered when something is missing or something unknown has been added, which could indicate a trojan horse with malware.
Content should be similarly cataloged and tracked to protect it from data breaches. Unusual activity with regards to data can be a sign of malicious behavior—theft, destruction, ransomware, or unauthorized copying.
- Strong passwords: Establish a password policy that details how to create, use, and store strong passwords to protect against data breaches. A strong password should include upper- and lower-case letters, numbers, and special symbols.
Passwords should be changed regularly and never written down and saved near devices. Multi-factor authentication is recommended for systems with sensitive information.
- Employee training and education: Stopping data breaches before they happen depends, in large part, on employees. Insider threats are one of the most common attack vectors. An insider threat can be a malicious employee or simply one who is naïve and susceptible.
Ongoing training keeps security top-of-mind and limits exposure to data breaches. Security training and education should cover passwords, suspicious activity, social engineering threats, and risks from websites, as well as handling sensitive information on all devices.
- Software and system updates: Keep application software and operating systems up to date. Always install patches as soon as they are available.
Implement a change management plan. Software and system updates are an effective defense for data breaches. Updates should occur automatically, if possible, rather than requiring user intervention.
- Physical security: Paperwork, laptops, phones, and storage devices are easy targets for criminals seeking valuable information, as they are prime vectors for data breaches. Keep office building doors locked and gate the entrance, either with a locked door or a person ensuring that only authorized people enter.
Around the office, be sure to store sensitive documents in a secure location. For portable devices, be sure that strong passwords are used, and anti-theft applications are installed.
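The asset inventory step above calls for alerts when something is missing or something unknown has been added. The following is an added example, not part of the original article, of that comparison in Python; the baseline and scan records, host names, MAC addresses, package names and alert names are all constructed for illustration.

```python
"""Inventory drift check: compare an approved baseline with a fresh scan."""

# Constructed sample data (hypothetical hosts, MAC addresses and packages).
BASELINE = {
    "00:1a:2b:3c:4d:01": {"host": "fs01", "software": {"openssh", "samba"}},
    "00:1a:2b:3c:4d:02": {"host": "hr-laptop-7", "software": {"office"}},
    "00:1a:2b:3c:4d:03": {"host": "printer-2", "software": set()},
}
SCAN = {
    "00:1A:2B:3C:4D:01": {"host": "fs01", "software": {"openssh", "samba", "netcat"}},
    "00-1a-2b-3c-4d-03": {"host": "printer-2", "software": set()},
    "de:ad:be:ef:00:99": {"host": "unknown-dev", "software": {"httpd"}},
}


def normalize_mac(mac):
    """Scanners report MACs in mixed case and with '-' or ':' separators."""
    return mac.lower().replace("-", ":")


def inventory_alerts(baseline, scan):
    """Return (alert_kind, mac, detail) tuples for every deviation from baseline."""
    base = {normalize_mac(m): a for m, a in baseline.items()}
    seen = {normalize_mac(m): a for m, a in scan.items()}
    alerts = []
    # Approved hardware that did not show up in the scan.
    for mac in sorted(base.keys() - seen.keys()):
        alerts.append(("MISSING_ASSET", mac, base[mac]["host"]))
    # Hardware on the network that nobody approved.
    for mac in sorted(seen.keys() - base.keys()):
        alerts.append(("UNKNOWN_ASSET", mac, seen[mac]["host"]))
    # Known hardware whose installed software drifted from the baseline.
    for mac in sorted(base.keys() & seen.keys()):
        for pkg in sorted(seen[mac]["software"] - base[mac]["software"]):
            alerts.append(("UNAPPROVED_SOFTWARE", mac, pkg))
        for pkg in sorted(base[mac]["software"] - seen[mac]["software"]):
            alerts.append(("SOFTWARE_REMOVED", mac, pkg))
    return alerts


if __name__ == "__main__":
    for kind, mac, detail in inventory_alerts(BASELINE, SCAN):
        print(f"ALERT {kind:<20} {mac}  {detail}")
```

Normalizing the identifier before comparing matters: without it, the same device reported in a different MAC notation would raise both a missing-asset and an unknown-asset alert.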
How Data Breaches Happen
Data breaches represent a very real threat to all organizations. When thinking about data breaches, the menacing image of shadowy hackers comes to mind. However, most of these culprits are often not cybercriminals but rather insiders, third parties such as vendors or contractors, or others closely related to the organization.
The instigators of data breaches fall into four categories:
- Unaware insider threats unintentionally access sensitive information without malicious intent. A current or former employee, partner, or vendor who, by accident or oversight, has unauthorized access to systems is also considered an insider threat.
- Malicious insider threats come from authorized users who access systems with the intent to perpetrate data breaches to steal or cause damage.
- Malicious outsider threats are the classic hackers and cybercriminals who gain unauthorized access to systems with the intent of causing data breaches.
- Stolen or lost devices are especially vulnerable to data breaches, particularly if they do not have strong passwords and data is not encrypted.
The 10 most common causes of data breaches are:
- Human error
- Malware
- Social engineering
- Weak and stolen passwords
- Ransomware
- System and application security vulnerabilities
- Poor or improper configurations
- Stolen and lost devices
- Inadequate access controls
- Brute force attacks
The Cost of Data Breaches
Beyond what is stolen by cybercriminals, the cost of data breaches is far reaching. Data breaches can be expensive.
Depending on the organization, the cost of a single data breach can range from the low thousands to many millions.
When tallying the costs related to data breaches, consider the following in the context of small and large organizations. Ten considerations when calculating the cost of data breaches are:
- Impact on stock price or valuation
- Damage to reputation
- Lost customers
- Stolen assets
- Sensitive data exposure
- Compromised data
- Destroyed systems and data
- Fines
- Lost productivity
- Recovery and rebuilding
Data Breaches in the Cloud
With the cloud being the go-to for data storage and applications, it is no surprise that anything in the cloud has become a prime target for data breaches. System misconfigurations are the most common vector for data breaches across all types of cloud services. After misconfiguration, cloud data breaches result from many of the same causes as onsite data breaches.
Prioritize Defenses Against Data Breaches
Give data the attention and priority that it is due. Knowing where data resides, how it is used, and who has access to it should be the starting point when developing defenses against data breaches. Then, follow best practices with a focus on the human element, as people are one of the weakest links in the barriers to stop data breaches.