Before we begin, let’s define what we are talking about. The term security breach can conjure up all kinds of meanings, but I would like to focus on how it relates to information technology. So by definition …
Security Breach – A situation where an individual willfully overrides or misuses network, system, or data access in a way that adversely affects the security of the organization’s data, systems, or operations.
When it comes to data breaches, the risk to organizations is high, from easily computable costs of notification and business loss to less tangible effects on company brand and customer loyalty.
Let’s look at some ways that will significantly increase the effort required to breach your network and computer security.
Change default passwords
It’s amazing how many devices and apps are protected by default usernames and passwords. Attackers are also well aware of this phenomenon. Not convinced? Do a web search for default passwords and you will see why they need to be changed. Using a good password policy is the best way to go, but any string of characters other than the default is a big step in the right direction.
Never reuse passwords
On more than one occasion, you must have come across situations where the same username/password combination was used over and over again because it is easier. But if you know this, I’m pretty sure the bad guys know it too. If they get a username and password combination, they will try it elsewhere. Don’t make it so easy.
Look beyond IT security as you assess your company’s data breach risks.
To eliminate threats across the organization, security must go beyond the IT department. A company must evaluate employee exit strategies (RR.
Establish a comprehensive data loss protection plan
Your efforts will demonstrate to consumers and regulators that your organization has taken proactive steps to address data security threats. Disseminate this plan throughout the management structure to ensure that everyone knows what to do in the event of non-compliance.
Browse security logs
Good administrators know the baseline and try to review the system logs on a daily basis. Since this article is about security breaches, I would like to put special emphasis on security logs, as they are the first line of defense.
Perform regular network scans
Comparing regular network scans against an operational baseline inventory is invaluable. It allows the administrator to know at a glance if and when unauthorized equipment has been installed on the network.
One method of scanning the network is to use Microsoft’s built-in net view command. Another option is to use free programs like NetView. They are generally in a GUI format and tend to be more informative.
Provide training and technical support to mobile workers.
Ensure the same standards are applied for data security regardless of location by providing simple policies and procedures for mobile workers, ensuring that security and authentication software is installed on mobile devices and kept up-to-date, and providing adequate training and technical support for mobile workers.
Keep your security software (or patches) up to date.
An unpatched system is, by definition, operating with a weak point waiting to be exploited by hackers. It is true that patching takes time and resources, so senior management must provide guidance on assignments and expectations.
Don’t rely on encryption as your only defense.
Encrypting data in transit and at rest is good practice, but when used alone it can give businesses a false sense of security. Although most state statutes require notification only if a breach compromises unencrypted personal information, professionals can and do break encryption codes.
Monitor outbound network traffic
Malware is getting sophisticated enough to avoid detection. One method to expose it is to monitor outbound network traffic. Suspicions should arise when the number of outbound connections or the amount of traffic deviates from normal baseline operation. In fact, it may be the only indication that confidential information is being stolen or that an email engine is actively spamming.
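One way to put this baseline comparison into practice is sketched below. It is an added example, not part of the original article: the flow-record layout, the sample addresses, and the thresholds k and min_rel are all assumptions made for illustration.

```python
import statistics
from collections import defaultdict

def daily_totals(flows):
    """Sum outbound connections and bytes per (day, internal host)."""
    totals = defaultdict(lambda: [0, 0])
    for day, src, _dst, nbytes in flows:
        totals[(day, src)][0] += 1
        totals[(day, src)][1] += nbytes
    return totals

def find_deviations(history, today, k=3.0, min_rel=0.25):
    """Flag hosts whose outbound activity today exceeds their own baseline.

    Limit = mean + max(k * stdev, min_rel * mean). k and min_rel are assumed
    tuning values; min_rel stops a perfectly flat baseline from alerting
    on a single extra connection.
    """
    baseline = defaultdict(lambda: ([], []))
    for (_day, host), (conns, nbytes) in daily_totals(history).items():
        baseline[host][0].append(conns)
        baseline[host][1].append(nbytes)
    alerts = {}
    for (_day, host), observed in daily_totals(today).items():
        if host not in baseline:  # a new talker is itself worth a look
            alerts[host] = ["no baseline for this host"]
            continue
        reasons = []
        for name, samples, value in zip(("connections", "bytes"), baseline[host], observed):
            mean = statistics.mean(samples)
            limit = mean + max(k * statistics.pstdev(samples), min_rel * mean)
            if value > limit:
                reasons.append(f"{name} {value} > limit {limit:.1f}")
        if reasons:
            alerts[host] = reasons
    return alerts

# Constructed sample flows: (day, internal source, destination, bytes sent out).
HISTORY = [(d, "10.0.0.5", "203.0.113.10", 1000 + 100 * d) for d in range(1, 6) for _ in range(4)]
HISTORY += [(d, "10.0.0.9", "198.51.100.7", 500) for d in range(1, 6) for _ in range(2)]
TODAY = [(6, "10.0.0.5", "203.0.113.10", 1500)] * 4   # within the normal range
TODAY += [(6, "10.0.0.9", "192.0.2.25", 10)] * 40     # connection-count spike, little data
TODAY += [(6, "10.0.0.7", "192.0.2.80", 900_000)]     # host with no history

if __name__ == "__main__":
    for host, reasons in sorted(find_deviations(HISTORY, TODAY).items()):
        print(host, "->", "; ".join(reasons))
```

The second host is flagged on connection count alone even though it sends very little data, which is the pattern a spamming mail engine would produce; watching only byte volume would miss it.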
These methods are simple to implement and will likely go a long way towards making it more difficult for a security breach to occur.