How do you protect your business information? The answer to that question can be a difficult one, but it’s important because the amount of sensitive data businesses store is significant. In fact, according to Verizon’s Data Breach Investigations Report 2016 there were over 1 billion records compromised in 2015 alone!
In this blog post I will discuss six tools that can help keep your company secure and our customer data safe.
1. Continuous Database Protection (CDP)
Database activity monitoring (DAM) tools should also be an important part of your security strategy as they can help protect against unauthorized access and tampering with data. According to DB Visit continuous database protection is important because “Your database is at the heart of your business”. While traditional intrusion detection systems look for hackers trying to break into databases, DAM tools work by scanning data as it is being entered and exiting the database, alerting you if any unusual activity such as a hacker attempting to tamper with data occurs.
2. Encrypted Data Backups
Businesses need to ensure the safety of their data and ensure that sensitive information (e.g., customer and employee personal data, financial information) is not misused by attackers targeting it for possible malicious actions such as identity theft.
Encryption ensures that if an attacker gains access to your backup files they will only see a garbled mess instead of actual content, as encryption is a process of encoding all user data so that only authorized users can access it. To encrypt your company’s backups use tools like BitLocker Drive Encryption on Windows or FileVault 2 on Macs – both are built-in features within Windows and OS X respectively and don’t require additional software.
3. Data Loss Prevention (DLP) solutions
Another important point to consider is that a significant amount of information that travels over the network, whether accidentally or maliciously, does not contain confidential data and therefore cannot be encrypted. For this reason, many companies use DLP tools to prevent leakage of sensitive data such as credit card numbers or social security numbers by blocking such transmissions. DLP solutions work on the basis of policies you set for what should be considered acceptable use and alert you when any deviation from those parameters occur – this way you can take immediate action if suspicious activity is detected and respond accordingly. A few examples of these tools are:
- Netwitness Investigator
- PatchLink Network Security Monitor
- Opus Suite by Lumension Security
- BigDataOpus
- Splunk Enterprise Security
4. Enhanced Authentication
There are several methods of authentication that can be used to ensure the identity of users trying to access sensitive data, these include knowledge factor (e.g., password); ownership factor (e.g., token or fingerprint scan); inherence factor (e.g., behavioral or physiological); and something you are (e.g., retinal scan, voiceprint). Password-only authentication is no longer considered to be enough as it can easily be compromised by hackers’ tools.
5. Endpoint Protection
Finally, regardless of how careful you are with sensitive data and taking all the necessary precautions to prevent security breaches, it is still essential that you have some sort of endpoint protection in place. An endpoint is any computer attached to a network — whether mobile device or laptop — which provides access to an internal network and your business information stored within it. There are many free and paid tools available that can help protect endpoints: e.g., Avira (free) and Kaspersky (paid) Anti-virus for Windows; Sophos Anti-virus for Mac; Symantec Endpoint Protection Suite for PCs.
6. Encrypted email
Email is still the most widely used and preferred method for communication within and outside businesses. However, there are significant security vulnerabilities associated with emails: emails can be intercepted or modified during transmission; if hacked, they can be read by unauthorized parties; the information contained in the emails may remain accessible even after disposal; and if leaked, email messages reflect business operations and contain sensitive data such as passwords and customer information.
Encryption is a process of encoding all user data so that only authorized users can access it. This means that any unauthorized person trying to intercept an encrypted email will merely see a garbled mess instead of actual content. To encrypt your company’s outgoing and incoming emails you should use S/MIME encrypted emails.
Taken together, these tools can help you safeguard your sensitive business information and prevent any security breaches that may put your company at risk of losing millions in potential revenue, requiring an expensive cleanup job, or involving law enforcement agencies to investigate the case if it’s found that legal action will need to be taken against the perpetrator(s).
