Top 9 Ways to Prevent a Data Breach from Occurring

by Rudra Singh 918 views0

According to ITRC, hacking incidents reached a nine-year high of 37.9 percent in 2015—an increase of 8.4 percent over the previous year. Despite this dramatic rise, the majority of data breaches can be prevented by following a few basic security measures. The following are the top 10 ways to prevent sensitive data from being accessed by unauthorized individuals.

9. Restrict download links in email.

Source: Rodolphe Courtier / Flickr Creative Commons.
Source: Rodolphe Courtier / Flickr Creative Commons.

Any web links embedded in emails that seem suspicious are usually malicious—in fact, the majority of advanced persistent threats start with malware launched via email. Be vigilant about web links in emails, as they can trigger malware for exploiting vulnerabilities and compromising your security.

8. Use good encryption.

Source: FutUndBeidl / Flickr Creative Commons.
Source: FutUndBeidl / Flickr Creative Commons.

Encryption keeps personal data secure by encoding data so that only authorized users can access and view it, whether it’s sitting on a local computer or in the cloud/data center. From using SSL/TLS for secure web browsing to implementing local OS drive encryption like Apple FileVault and Windows BitLocker, proper use of encryption ensures that your data is useless in the hands of cyber attackers

7. Use Two-Factor authentication for online accounts.

Source: Jonathan Molina / Flickr Creative Commons.
Source: Jonathan Molina / Flickr Creative Commons.

Also known as two-step verification or multi-factor authentication(MFA), this new model for security adds an extra layer of protection that requires not only a username and password, but something physically accessible only to authorized users ( e.g, a code sent to a mobile phone, a physical authentication token).

6. Perform frequent software and operating system updates.

Source: alex roberts / Flickr Creative Commons.
Source: alex roberts / Flickr Creative Commons.

It may go without saying, but updates to firewalls/antivirus solutions, web browsers, , and underlying operating systems should be installed as soon as they become available. 9 out of 10 data breaches occur because of unpatched software; for this reason, regular patching and updates is critical for maintaining strong security against new exploits, viruses, and malware.

5. Perform regular network scans.

Source: Norlando Pobre / Flickr Creative Commons.
Source: Norlando Pobre / Flickr Creative Commons.

Network scanning is a procedure for identifying active hosts on a network It  reveals all shared resources, including system and hidden NetBIOS nodes, FTP,and web services, among others. Scanning should be part of regular system audits for identifying and mitigating rogue software, viruses or malicious code.

4. Check security logs on an ongoing basis.

Source: Linux Screenshots / Flickr Creative Commons.
Source: Linux Screenshots / Flickr Creative Commons.

Security logs contain user activity such as  login/logouts, accessing of secured resources, and other events specified by the system’s audit policy. Logfiles contain many pieces of valuable information that can be crucial for identifying  intrusion attempts, misconfigured IT assets, and more.

3. Handle sensitive data appropriately.

Source: William Warby / Flickr Creative Commons.
Source: William Warby / Flickr Creative Commons.

Following safe computing practices when handling sensitive data will reduce your chances of falling victim to cyber crime. For example, minimize the locations where sensitive  data is retained and destroy data responsibly when no longer needed. Hard drives and storage devices should be removed from old computers prior to disposal and stored for safekeeping.

2. Educate and train users on safer computing habits.

Source: Tobias Toft / Flickr Creative Commons.
Source: Tobias Toft / Flickr Creative Commons.

Empower users in your organization to develop more secure computing habits. This can most easily be accomplished by codifying secure practices and guidelines in a written policy for employees and clients. Providing a reference document for users helps eliminate an ambiguity in policies (e.g., what is considered sensitive data, what defines “public” wifi).

1. Verify that 3rd parties have strong security controls in place.

3rd parties such as partners that require access to your data or network should be validated and regularly audited to ensure their own data security practices meet your minimum requirements. Target’s high profile data breach was the result of a compromise originating in a partner’s networkan oversight that ultimately cost the retailer $252 million.

Source: Mike Mozart / Flickr Creative Commons.
Source: Mike Mozart / Flickr Creative Commons.

 

Source(s):

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>