The war on cybercrime: 3 must-haves to combat security breaches

19 Nov 2021

Cyber-crime happens so often that it's becoming commonplace. Reports of so many large-scale security breaches, from credit agencies to healthcare providers, banks to dozens of corporate entities, the topic of mitigating risk is at the forefront of IT's leaders' minds.

 

As criminals constantly find new ways to steal information, companies are at risk every day. It's an ongoing battle, and to combating cyber-crime is a massive, complex job that entails locking IT infrastructure up tight, keeping sensitive data more secured and staying a step ahead of the criminals. With so much to consider, businesses are struggling or even failing due to issues like:

  • Managing and protecting the massive amounts that pour in daily
  • Keeping up with networks that are more complex
  • Poorly authenticating, networks, users, mobile and print
  • Lack of visualization to recognize attacks and ploys
  • Untrained network employees
  • Increasing commoditization of weapon-focused software

Despite the grim outlook, there are tactics you can use to protect against attacks.

 

Security breach stats January 1, 2005 to June 30, 2019 *
Number of Breaches = 10,502
Number of Records Exposed = 1,505,381,071

Authenticate all users and traffic

Authenticate users and traffic to restrict access to the network. Use multi-factor authentication across applications, VPNs and endpoints. Encryption ensures data cannot be intercepted or read by anyone other than the intended party involved. Also secure all computing and data storage equipment that houses or transmits business data and sensitive information.

Cybercrime doesn't sleep or take breaks -- and neither can your security. Ensure you have 24/7 management and monitoring and the ability to proactively respond to security breaches and network outages.

Encrypt your backups if your software and hardware support it. As with laptop computers and other mobile devices, portable backup media need to be encrypted with strong passwords, especially if they're ever removed from the premises.

Visibility

Pinpointing where a failure originated comes down to monitoring and management. Without it, you're operating in the dark. Audit trails and forensics track access to sensitive data, ensuring transparency and accountability. The goal is to understand exactly when a system starts to falter. With real-time views of events and threats, you can address problems faster and more completely. See the status of critical devices including servers, infrastructure and peripheral devices—and proactively help stop threats before they become a breach.

Institute a security policy

A solid security policy identifies the rules and procedures for all individuals accessing and using an organization's IT assets and resources. Lay out mandates for document handling of confidential information and equipment that access that information.

Use strong password management, including complex passwords and regular resetting of network passwords.

Be sure to include a document retention policy: the length of time information must be kept, archived or deleted. Also have a disaster recovery plan that accounts for network downtime, data backups and uninterrupted security.

The IT Security Policy is a fluent plan. Update it continually to adapt to evolving threats and new security practices.

A new world of data security

As the modern workforce has moved beyond the network, so have cyber attackers. That's why today's network threats require seeing beyond the network with a more sophisticated network security solution—into every channel, every device, everywhere your people and data are.

 

Source: https://www.ricoh-usa.com/en/insights/articles/essential-it-security-tips