+1(888) 481.5388
Linkedin ComodoSSLstore
View Cart

7 Things you should do to avoid being the next Breach Victim

12 votes, average: 4.67 out of 512 votes, average: 4.67 out of 512 votes, average: 4.67 out of 512 votes, average: 4.67 out of 512 votes, average: 4.67 out of 5 (12 votes, average: 4.67 out of 5, rated)
Loading...

Data breaches are on the rise these days. Follow our 7-step guide to protect against them.

Truth be told, this has been a year of data breaches. And there haven’t just been ‘data breaches’, but ‘daddy’ data breaches. Gemalto reported a staggering 164% rise in data breaches in the 1st half of 2017 compared to the latter half of 2016. What’s the reason? It’s hard to put it down to one single thing when it’s a combination of many. Sophisticated techniques, higher rewards, social engineering techniques, IoT…there are countless things we could throw mud at.

However, it would be focusing upon the ‘Why’ part of the data breaches when clearly the ‘What’ part is more important. Instead of wasting our energy pondering the ‘Why’ part, we should turn our attention to preventing them from taking place in the first place and ask ourselves questions like – What can I do to prevent a data breach from happening? How do you avoid being the next victim of a data breach? Here’s how you can do it.

7 Things to Avoid next Breach Victim

1.      Train your employees

A recent report shows that employees act as the chief source of most cybersecurity incidents. Almost 54% of IT professionals cite employees as the main cause. That is exactly why training employees no matter what end of the spectrum they are is of uppermost importance. You should:

  • Train employees on how to identify phishing emails and spooky websites.
  • Make them understand the possible dangers posed by BYOD (bring your own device).
  • Explain them how to look up the details of the organizations before sending any sensitive information.
  • Make them understand the dangers posed by piracy.
  • Take security tests to evaluate their security awareness levels.
  • Educate them about the prevalent security threats.

2.      Keep sensitive information close to your chest

No hacker is after the cute cat photos that you’ve stored on your pc. Two things are certain in life — the dogs run after bones and hackers run after money. And the money lies where there is information, sensitive information to be precise. Such information may include business secrets, financial data, customers’ details, etcetera.

  • Limit the access to confidential files. Make sure only trusted people can access them.
  • Protect your network using encryption software, VPNs, firewalls, vulnerability scanners, etc.
  • Limit access to the network. Make sure private devices are not connected to your company network.
  • Employ strong administrator password policies.
  • Secure your physical premises.

3.      Keep everything up-to-date

Many of these malware attacks are dependent upon a bug or a vulnerability in the system. The WannaCry ransomware attack is a prime example of this. That is why software companies keep rolling out updates or patches every now and then. This holds true for every software as well as the operating systems.

Patch them, latch them!

4.      Encrypt your data

According to a study conducted by the Ponemon Institute, around 60 percent of companies that suffered a data breach had not encrypted their data. Encryption is necessary no matter how big/small your organization is.

5.      Backup or Pack up

You might be using the services of a 3rd party cloud storage provider. If you are, understand their terms and conditions carefully. Opt for a reputed cloud provider even if it means shelling out an extra few bucks. After all, it’s your business at stake here. Another important step is backing up the data. You can back up your data in the cloud or a USB drive or a hard drive. Keep in mind that the system you use to back up your data is disconnected from your business almost all of the time. This is to avoid torrid disasters. And if possible, backup at more than one place.

6.      Lay out and implement proper policies

As discussed earlier, human mistakes are the main source of many of the unfortunate incident taking place. However, they’re inevitable. After all, we’re all humans, right? That is why there are rules in our world. If you want to protect against data breaches or any cyber-attacks for that matter, you must have proper policies in place. Policies such as password policy, exit policy, BYOD policy, vendor policy, etc. help immensely.

7.      Only keep the data that you need

Let’s understand a simple logic – the lesser the data, the lesser the risk.

You must

  • Not collect unnecessary information
  • Reduce the places where your data is stored
  • Keep getting rid of unnecessary, outdated data.

Concluding Thoughts

We’re not saying that these practices will make your system impenetrable. It never has and it never will. But you must put them in practice for the same reason you use your door lock. You must latch the door, don’t you?