Remember these steps when securing your business data
Your business data may be more valuable than you realize, whether it feels that way to you, or not.
Regardless of how valuable you think your data is, it’s worth something to an attacker whose goal is to get as much as they can, for the least amount of money. That’s why we’re taking the time to expand on our blog, Four Actions to Take TODAY to Secure Your Business Data, with more actions you can take to ensure the security of your network.
Here we go!
To complete tasks efficiently, it’s likely you rely on a variety of applications – from checking your email to filing an expense report! These applications are the tools of the modern worker… but they’re also a huge source of risk to your business.
Every piece of software that you run on a computer has a chance of active security vulnerability. For every application that’s installed, you add to the overall risk of your network. Multiply that by every computer in your network, and it doesn’t take long before you reach a level of unacceptable risk.
The first step to improving the situation, is to maintain an inventory of all applications used in the office, along with what they’re needed for. With this list, you can decide on what is really needed and if users have more access than they need.
From there, you will need to develop a policy for installing new applications. This will need to include a business case and risk analysis of each item, along with any firewall or antivirus exceptions that will need to be created.
Finally, monitor the devices in your network for newly installed applications. Enforce previously created policies, as necessary.
This is one of the simplest controls to implement, but also one of the most time consuming. It will require evaluation of a lot of information and likely uninstalling a lot of software.
We’re living in a global landscape of the perfect environment for you to develop a “Bring Your Own Device” policy.
The best tip we have for you is to assume that every personal device that connects to your network is not only infected with a virus but contains a remote agent from your biggest competitor. Utilizing this mindset will ensure that every policy created, or action you take, will be the most secure choice.
There are a lot of areas to consider on how to safely implement these external devices. Read more here: https://expertitsolutions.ca/securing-your-home-computer-to-work-from-home/
Before you tap out, know that encryption is used everywhere – even on the website from which you’re reading this. It’s a lot easier to implement than you might think!
Encryption is a tool that utilizes some complex math to ensure data is accessed only by the correct users. It also ensures that the data has not been altered.
Regardless of the method of encryption, there are two standard areas to focus on – Data at Rest and Data in Transit.
Data at Rest is a simple as it sounds! It’s the data that is stored on hard drives, flash drives, or other media. Encrypting this data ensure that a lost or stolen device with sensitive data will likely remain secure. Every business that allows their users to use external media should have a policy that requires users to encrypt the stored data. Windows 10 offers a tool called BitLocker that will easily allow encryption of an entire hard drive (on a computer or external drive), keeping the bar to security low.
Data in Transit is any information travelling between devices. The most common example would be browsing the internet and the information that’s being shared between your computer and the web serving providing the site. It’s not always possible to encrypt this traffic, but putting in the effort to secure communications helps ensure that, even if a device on the network is compromised, the amount of information an attacker may be able to access is strictly limited. Read more here: https://builttoadapt.io/a-more-practical-approach-to-encrypting-data-in-motion-f9ba481a27fa
How do you know if there was a security incident? No, this isn’t a trick question – it’s a realistic experiment.
If there isn’t an immediate impact, like your files being encrypted, how do you know if an attacker was successful at gaining access to your accounting software?
The answer is LOGS.
Most software and hardware in your environment have some logging capabilities and can be used to not only detect that a breach has happened but may even allow you to see that an attempt is being made.
Here’s a few ways to make use of the logs:
- Manual review on a regular basis, scanning for critical or other concerning events. This is time consuming and it’s likely that a true event might be missed because of the signal to noise ratio.
- Create alerts for specific events and review accordingly! This reduces the workload but creates the possibility that you are not alerting on some events that may be important.
- Utilize a log collection and analysis tool to coordinate the logs (SIEM), find patterns, and alert on real issues. Initially, these tools provide a lot of false positive alerts, so training is recommended. Advanced versions of these tools will share information with other businesses, allowing your business to learn about the strategies being applied against other organizations.
Just like your vehicles “check engine” light, logs will help detect serious issues and respond appropriately prior to a disaster.
We’ve got one more important thing to cover, so tune in next week!
In the meantime, feel free to reach out to our team of experts with any of your questions. We’re always here for you.