It seems like every month brings the news of another massive hack of a company’s data, putting the financial and personal information of customers in the hands of hackers. Experian, the credit-monitoring service, Target, the retailer, Ashley-Madison, the affairs-themed dating site- the list goes on and on. Millions upon millions of customers have seen the companies they trusted fail to protect their data. Don’t become a headline: use these five tips to help head off a cyber-breach at your company.
Training
The first thing to do is to train the staff in avoiding suspicious emails and similar attempts to bypass a company’s security. it’s quite common for attackers to send viruses attached to emails or attempt to lure employees into entering their account information into fake online forms. Some of these lures can be very convincing. By training your staff in how to recognize them, you are cutting off a potential route that hackers use to attack your data. In fact, attackers love to use this kind of technique because it is cheap and easy- they don’t need to try to defeat a company’s security.
Use Cloud Services
If you are a small business, you might not have the time or money to develop powerful security solutions. One possible answer is to rely on cloud services. Put all sensitive data and carry out analysis on that data within an enterprise cloud. That way, you can use that company’s security instead of your own to protect the data. A company capable of offering cloud services will also have a powerful array of cybersecurity measures, making them an ideal choice for an ally.
Internet Protocols
In addition to training staff in recognizing breach attempts, it is also a good idea to create a set of internal protocols to avoid exposing data to the Internet. Any Internet-connected device can potentially be hacked, so limiting which devices face the Internet and which company resources are connected to those devices can control the extent to which hackers can access useful data. A set of BPM or business process management evaluations can show whether the company can keep some resources offline and develop policies to prevent any contagion from spreading from Internet-connected resources to internal ones. That is like quarantining anything that can connect to the Internet.
Conduct Audits
It pays to test your own defenses every once in a while. Find a security expert willing to probe your countermeasures, send lure emails to staff, and try everything they can think of to break into the company’s data. This will let you know where you need to improve your defenses. It’s an informational stress test that can help you learn about any weaknesses in your software or protocols might exist, and what you can do to plug them up. It’s better to learn about them this way than when a hacker finds and exploits them.
Plan Ahead
One way to limit the damage from a breach is to plan in advance. Decide what the company will do in the event that a hack is successful. It won’t do any good to pretend that it can’t happen, so it’s far better to plan for the disaster in advance and be ready when the time comes, just like planning for a storm or earthquake. It just takes one mistake to let hackers in, so a reaction plan will ensure everyone knows what to do in order to minimize the disruption. Each company handles different kinds of data, so there is no one-size-fits-all plan, but get together with the managers and the IT department to decide on the best course of action in the event of a hack. You might need multiple plans to account for different kinds of hacks, so remember to plan for that possibility.
By: Dennis Hung
Tags: article, Business Information, Cyber Security, technology
Leave a Reply
You must be logged in to post a comment.