What can businesses do to maximise their IT security?
This year has already set a record in terms of the number and type of data breaches and resulting collateral damage. Companies around the globe are researching and implementing new security measures to secure their data against a wider and more complete range of threats.
- Strengthen employee security and loyalty. The insider threat is the greatest, proportionally, followed closely by social engineering. Hire qualified professionals to train staff in security best practices, consider employee background checks, and limit the number of employees allowed access to sensitive data. Only authorized personnel require access to critical and sensitive data, and only by adhering to strict security protocols and advanced authentication mechanisms. Besides two-factor authentication, two-man authentication could even be put in place for critical systems, as in financial institutions where large transactions need to be authorized by two or more individuals.
- Perform an initial security audit. Focus less on existing holes and more on defining likely threats.
- Consolidate your assets and simplify management by switching to virtualization, either in the cloud or on-premise.
- Check provider credentials and contracts when using cloud services and carry out regular security updates on all software and devices. Keeping your software up to date with the latest security patches is important, as various threats, such as ransomware, often use unpatched vulnerabilities as a vector for infection. As a recent Bitdefender survey has shown, attackers now target businesses rather than individual users to extort higher fees.
- Install a security management solution to consolidate control for virtualized, physical and mobile endpoints. Add firewall protections, too. Securing all devices will make employees more aware of online dangers, even when they browse the Internet remotely. Bitdefender security specialists strongly advise CISOs to use a security solution specifically designed for the infrastructure it will run on (physical or virtual), instead of a single tool, to deal with these issues:
  - Increased overhead – installing an endpoint solution on different virtual machines hosted on the same servers impacts resources by continuously running redundant apps, such as security agents.
  - Reduced performance – security tools tailored for virtual environments use optimized agents that integrate with a security virtual appliance on the server or servers, so files are not rescanned each time a user needs them.
  - The typology of attacks is different – virtual environments often face more sophisticated cyber weapons, such as advanced persistent threats (for example APT-28 and, just recently, Netrepser). Security for virtualized environments is by far the most effective way to detect and fight these complex tools.
- Implement a password policy that everybody respects (minimum eight characters, unique and complex, regularly changed).
- Back up your data. Instead of just backing up company data to a separate partition or an external drive, also consider cloud services. As with any cloud-based service, privacy and security remain a priority, so ensure that company personnel are not just doing backups, but that the backups can be restored easily and are stored securely.
- Secure your wireless network and establish a clear security policy for email, Internet and mobile devices.
- Train staff in best security practices, considering present and future bring your own device (BYOD) trends. Most attacks stem from a single person opening the wrong email attachment. Employees are the last line of defense – they are the ones who click on a link, visit a website or open an email attachment. Taking an active interest in information security and sharing knowledge with fellow workers can go a long way to making the workplace safer.
- Stop running as administrator. The vast majority of users do not require admin rights when going about their normal business online. Every minute they use the computer with administration-level permissions increases the likelihood that ransomware or other malware might encrypt and corrupt essential databases and other files. When you use your computer with admin rights, avoid browsing websites or opening email attachments.
- Create, define and implement fast security response procedures. Companies need to define a set of procedures and rules to handle security incidents, and all stakeholders must abide by them. They must cover techniques and methods for identifying, isolating and remedying security breaches. After any security incident, it’s mandatory to evaluate the impact it had on both the company and its infrastructure, and apply the new and necessary security mechanisms for preventing those types of breaches or vulnerabilities.