The increasing use of remote access to corporate data to support working from home or providing access to corporate systems has increased the risk of data and Intellectual Property theft. IT departments are looking more closely at Cyber Security for Business solutions as a result.
The use of remote access increases the potential attack surface that could be used by hackers as a way into corporate systems, and the increasing frequency and virulence of attacks over the last two years or so has reinforced the need for corporates to have a much closer look at the Cyber Security for Business solutions they have deployed.
While it is impossible to be completely secure because of the new threats that appear every day, the trick, as with domestic security, is to make breaking in difficult enough to force the hacker to move on to an easier target.
Here are 5 ways to update your Cyber Security for Business profile to help secure your corporate data.
Use a VPN
A VPN provides an additional layer of security by extending your private internal network out onto the Internet. In simple terms, VPNs use their own secure servers as the connection portal between remote users and your corporate systems. This makes your connections anonymous, hiding your systems from hackers. They also encrypt all the traffic to and from your systems, so that any data stolen in transit is useless to the thief.
One point to remember is that you must keep your VPN software current at all times with all necessary patches to ensure that you are protected against all the latest threats.
Many sites use third parties, perhaps for systems development or support, or as an outsourced support organisation. The outsourced staff provide skills that are not needed on a regular basis or replace in-house staff at a reduced cost. Sometimes they are brought in for a specific project only.
In those cases, the external staff will have the same, or greater, access to confidential company information, and as such, represent a potential security threat. They should have access to only the information directly related to their task, and not be allowed to import or export information.
A regular activity must be a review of authorised users and their associated access rights. All too often, when users change functions within an organisation, they are given new access rights, but their current ones are not removed. This is a potential security hole.
One other large, common gap is the failure to remove all user access rights when users resign or are terminated for any reason. Ghost users who have left the organisation but still have access are a major security threat.
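The access review described above can be automated by reconciling an export of accounts against the HR roster. The following is an added example, not part of the original article; the CSV layouts, the role-to-group baseline and the sample users are constructed assumptions. It flags ghost users and rights left over from a previous role, and goes slightly beyond the text by also flagging enabled accounts with no HR record.

```python
import csv
import io

# Constructed sample data: HR roster (source of truth) and an account export.
HR_ROSTER = """user,status,role
alice,active,finance
bob,active,support
carol,terminated,finance
"""
ACCOUNTS = """user,enabled,groups
alice,true,finance-ledger;payroll
bob,true,helpdesk;finance-ledger
carol,true,finance-ledger
dave,true,helpdesk
erin,false,payroll
"""
# Hypothetical baseline: the groups each role is entitled to.
ROLE_GROUPS = {"finance": {"finance-ledger", "payroll"}, "support": {"helpdesk"}}


def review_access(hr_csv, accounts_csv, role_groups):
    """Return a sorted list of (user, finding, detail) tuples for review."""
    hr = {r["user"]: r for r in csv.DictReader(io.StringIO(hr_csv))}
    findings = []
    for acct in csv.DictReader(io.StringIO(accounts_csv)):
        if acct["enabled"].strip().lower() != "true":
            continue  # disabled accounts grant no access
        user = acct["user"]
        groups = {g for g in acct["groups"].split(";") if g}
        person = hr.get(user)
        if person is None:
            # Enabled account that nobody on the roster owns.
            findings.append((user, "no-hr-record", ",".join(sorted(groups))))
        elif person["status"] != "active":
            # Leaver whose account was never disabled.
            findings.append((user, "ghost-user", person["status"]))
        else:
            # Rights beyond the current role, e.g. kept after a role change.
            extra = groups - role_groups.get(person["role"], set())
            if extra:
                findings.append((user, "excess-rights", ",".join(sorted(extra))))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding, detail in review_access(HR_ROSTER, ACCOUNTS, ROLE_GROUPS):
        print(f"{user:8} {finding:14} {detail}")
```

Run on a schedule, the findings list becomes the worklist for the regular review: each row is an account to disable or a group membership to remove.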
A new threat is online storage such as Dropbox or Google Docs. A user could upload confidential information which is later downloaded elsewhere. Access to online storage must be blocked.
Another security leak area is that of removable devices. Flash drives are easily concealed and can be used to steal confidential information. Alternatively, they can be used to bring malware from poorly protected home networks. USB ports on desktop units should be disabled.
Up to Date Software
It’s all very well having the best security and anti-malware software, but it must be kept up to date. Most corporate anti-malware systems have a “pull” and “push” system. Current updates are regularly pulled down to a central anti-malware server and then pushed out to all connected desktops.
New malware is created and spread every day. Unless you keep your anti-malware signatures and software up to date, it can get past your defences.
Firewalls and Encryption
It is absolutely essential to protect corporate systems against intrusion and attack with a firewall. The firewall is configured to block any unauthorised connections from remote systems and devices. Obviously, some systems, for example email servers, need to be able to communicate both inside and outside the firewall, and these sit in a DMZ.
The firewall configuration should be kept up to date with any new requirements as systems are developed and implemented and new threats appear.
It is becoming good practice to encrypt stored data using, for example, BitLocker on desktops or a Windows server, so that even if stolen, it is of no use. This is a final line of defence if security walls are breached.
Securing data is of paramount importance today. Theft and malicious attacks are becoming more and more prevalent, and a corporate IT department needs to be eternally vigilant to ensure the highest levels of protection.