With high-profile data breaches on the rise, organizations are becoming more aware that their private data is at risk. Given how far encryption and data security technology has evolved and how widely available it is, the question is not how sophisticated a system has to be, but how to adopt best practices that use these technologies to secure it. We discuss six tips to keep data and resources secure.
Before we get into the details, let us lay out a few cybersecurity mantras that help users become more security conscious and aware, and that are elementary to ensuring a secure cyber environment within a company. They are: do not leave passwords out and about, do not use the same password for more than one account or service, be wary of social engineering (watch out for impersonators), shred old documents, get rid of old data you no longer need, practice proper disposal of electronics, avoid sensitive transactions on public Wi-Fi, do not forget to sign out, use secure websites and, finally, be careful when searching in categories known for malware.
Encrypt your Data – Encryption protects our data from being accessed by systems and individuals who were not intended to have access. Systems and individuals who are intended to have access are given the means to decipher the data, via a password, passkey or various other ways. Without those, encrypted data is unreadable. We should encrypt data that is stored locally, data in transit, and data stored in the cloud.
Backups – Backing up data is critical to ensuring the security and continuity of your data. Backups can restore lost data after various types of disasters, including but not limited to system failure, fire, drive corruption or malicious attacks.
Secure wireless networks – Since wireless signals propagate through the air, there is a greater risk of someone breaking in and gaining network access than there is with a wired port. To ensure wireless security, the primary step should be to configure and use WPA2 Enterprise, a standard security protocol incorporating the necessary security elements, available in all modern-day routers. Moreover, it is highly recommended that the firewall is turned on and configured with proper access rules, and that internal users and guest users are separated within the network. It is also essential to keep the router firmware up to date, as many updates contain new security features. Finally, to keep the wireless network secure, make sure that all access points are physically secured to avoid device tampering.
Role Based Access – It is very important in today’s IT world that there be a clear definition of the roles and responsibilities of employees in a company. Based on these roles, a company can define which jobs need access to which resources within a network. Moreover, it can define whether those jobs should have permission to view the resources or to change the data within them. The most important point to keep in mind while defining access rules is to follow the principle of least privilege. For example, a default user account with no roles must not have access to any resources. A good check to perform while defining access for a role is to analyze the risk in case of a security breach by a user of that role, and to select a reasonable balance between the cost of mitigation and providing resource access to a user.
Device Security – Ensure that workstations and mobile devices are secured; this is one of the simplest and most important courses of action we can take. To secure these devices, start by making sure that workstations and mobile devices are locked when left unattended. Furthermore, ensure that passwords used on devices are strong and that accounts and devices use Multi-Factor Authentication (MFA). MFA makes it much more difficult for outside parties to gain access to devices and services, and helps to prevent malicious activity. Also, do not save passwords in your browser. If the browser were ever compromised, the passwords could easily be retrieved.
Disable Inactive Bluetooth – Always disable Bluetooth when not in use. New malicious exploits make it possible to use Bluetooth to establish control of a mobile device within seconds. So if the Bluetooth on the device is not in use, turn it off and keep it off. Otherwise, mobile devices may be susceptible to sneaky remote attacks.