According to ITRC, hacking incidents reached a nine-year high of 37.9 percent in 2015—an increase of 8.4 percent over the previous year. Despite this dramatic rise, the majority of data breaches can be prevented by following a few basic security measures. The following are the top 10 ways to prevent sensitive data from being accessed by unauthorized individuals.
9. Restrict download links in email.
Any web links embedded in emails that seem suspicious are usually malicious—in fact, the majority of advanced persistent threats start with malware launched via email. Be vigilant about web links in emails, as they can trigger malware for exploiting vulnerabilities and compromising your security.
8. Use good encryption.
Encryption keeps personal data secure by encoding data so that only authorized users can access and view it, whether it’s sitting on a local computer or in the cloud/data center. From using SSL/TLS for secure web browsing to implementing local OS drive encryption like Apple FileVault and Windows BitLocker, proper use of encryption ensures that your data is useless in the hands of cyber attackers
7. Use Two-Factor authentication for online accounts.
Also known as two-step verification or multi-factor authentication(MFA), this new model for security adds an extra layer of protection that requires not only a username and password, but something physically accessible only to authorized users ( e.g, a code sent to a mobile phone, a physical authentication token).
6. Perform frequent software and operating system updates.
It may go without saying, but updates to firewalls/antivirus solutions, web browsers, , and underlying operating systems should be installed as soon as they become available. 9 out of 10 data breaches occur because of unpatched software; for this reason, regular patching and updates is critical for maintaining strong security against new exploits, viruses, and malware.
5. Perform regular network scans.
Network scanning is a procedure for identifying active hosts on a network It reveals all shared resources, including system and hidden NetBIOS nodes, FTP,and web services, among others. Scanning should be part of regular system audits for identifying and mitigating rogue software, viruses or malicious code.
4. Check security logs on an ongoing basis.
Security logs contain user activity such as login/logouts, accessing of secured resources, and other events specified by the system’s audit policy. Logfiles contain many pieces of valuable information that can be crucial for identifying intrusion attempts, misconfigured IT assets, and more.
3. Handle sensitive data appropriately.
Following safe computing practices when handling sensitive data will reduce your chances of falling victim to cyber crime. For example, minimize the locations where sensitive data is retained and destroy data responsibly when no longer needed. Hard drives and storage devices should be removed from old computers prior to disposal and stored for safekeeping.
2. Educate and train users on safer computing habits.
Empower users in your organization to develop more secure computing habits. This can most easily be accomplished by codifying secure practices and guidelines in a written policy for employees and clients. Providing a reference document for users helps eliminate an ambiguity in policies (e.g., what is considered sensitive data, what defines “public” wifi).
1. Verify that 3rd parties have strong security controls in place.
3rd parties such as partners that require access to your data or network should be validated and regularly audited to ensure their own data security practices meet your minimum requirements. Target’s high profile data breach was the result of a compromise originating in a partner’s network—an oversight that ultimately cost the retailer $252 million.