More threats emerge for IT departments every year. Cybersecurity is increasingly challenging as attacks get more sophisticated. But many core basics are still being ignored.
Verizon’s 2015 Data Breach Investigations Report put the total at 2,122 data breaches last year, with nearly 80,000 incidents. The vast majority of them fit into the same categories. There are some obvious, often overlooked areas where security can be tightened with minimal effort.
Any IT department looking for potential vulnerabilities would do well to start with the following seven threats:
You must have a proper Mobile Device Management policy in place. If you allow people to bypass security systems by jailbreaking or rooting and let them install apps from unknown sources, then you can bet they will.
The consequences can be devastating. An infected device, unwittingly brought into the office by your own employee, could effectively bypass the rest of your systems. You need to identify and remove malware, remotely wipe devices, and provide secure access to corporate servers. A solid split between personal and corporate data with encryption and secure containers is vital.
Many of the biggest data breaches come about after a laptop or a smartphone was left somewhere it shouldn’t have been. Sometimes people are careless with devices. Sometimes they get stolen.
You can’t prevent it from happening, but it is very easy to prevent it from causing a data breach. The vast majority of devices have the capability to encrypt and password protect the data they hold. Take advantage of these capabilities and you can drastically decrease the risk of data breach after a loss or theft.
Emails are a potential treasure trove of sensitive data, and millions of emails are being sent every day with absolutely no encryption. It’s very easy to download tools that allow you to collect unencrypted email. Combine unencrypted email with our next entry, and you could be giving away valuable data.
The sad thing is that it’s very easy to encrypt email. There are a lot of user-friendly solutions now. It doesn’t have to be laborious or expensive. The other beauty of encrypting email is that it doesn’t just foil cybercriminals, it also safeguards against human error. People accidentally send emails to the wrong address quite often, and it can lead to serious data breaches.
The prevalence of unsecured Wi-Fi networks is surprising and worrying. If you don’t have any protection in place, then you’re making it easy for hackers to spy on your traffic. Things like unencrypted email can be intercepted through man-in-the-middle attacks. You simply can’t afford to use unsecured consumer routers for a business. You’re inviting trouble. Make sure you have a security policy for your network and enforce it.
Many companies are operating with firewalls in place that give them the illusion of security. Modern malware is designed to sit unnoticed and exfiltrate data silently. Without the right software and an expert view, you will never know if you’re infected. You need the expertise to understand how your firewall should be configured. Too many IT departments aren’t taking advantage of firewall features that have been paid for. It also has to provide real-time protection for all devices and locations, without hampering performance.
You probably have a web filter to block objectionable content, but the problem is that most malware online is hosted on legitimate websites that have been compromised. Whether the entry point is a hijacked website or a link in a malicious email, the user will never know they’ve been attacked. Hackers can buy exploit packs online and use vulnerabilities in browsers and third-party software to gain a foothold. A static filter isn’t enough, you need real-time filtering to scan for dodgy URLs and web-based malware.
Apple doesn’t do much to dispel the myth that you don’t get malware on Macs. The Flashback Trojan managed to infect more than 600,000 Macs back in 2012, and it proved difficult to eradicate. There have been other incidents since then. Apple’s OS X has some compelling security features, but it’s not perfect, and there are always vulnerabilities in third-party software as well. Understand that Macs are not immune to cyber attacks. Many security experts are pointing to the rising tide of ransomware, where data is locked and a demand for money is made if you want it unlocked. Don’t leave them defenseless; it’s time to install suitable security software on your Macs.
Much of our list here can be tackled without major resource requirements, so there’s really no excuse not to look at them. There are, of course, lots of other things to consider when you’re addressing security, and it’s an ongoing challenge to stay on top of threats. But if you begin by dealing with these seven threats, you’ll be off to a good start.
This article was recently published in Network World.
Imagery credit: cutcaster