2014 could have easily been host to some of the biggest security breaches ever. Many hackers have adapted to the ever-changing technological advances, but current security practices and technologies can prevent these breaches. Many companies that fell victim to security breaches fell into the "compliance equals security" trap: the assumption that if a company goes to the trouble of being legally compliant with any number of regulations, it will be secure. This is not the case.
Security is never a guarantee. However, there are some things that can be done to help prevent serious breaches of security and the consequences that come along with them.
-Continuous Visibility: Companies need to have complete and total visibility into their technology assets and services. You cannot secure what you cannot see. You need to be aware of what you have and what it's doing at all times if you want to keep things secure. Visibility can be a challenge because modern infrastructure is automated and on-demand.
-Exposure Management: Once visibility is achieved, companies need to eliminate the obvious, known vulnerabilities in their networks. Continuous monitoring tools and strong vulnerability and security configuration management technology and practices are key to mitigating exposure.
-Strong Access Control: This practice is often implemented incorrectly. Many companies implement access control but grant excess access. Recent breaches involved valid access control IDs being used to compromise systems that had nothing to do with the IDs' function in the network. The IDs had access to a lot of information that they shouldn't have. Limit the access users receive and monitor all user actions.
-Data Protection and Encryption: Once all the aforementioned steps have been taken, it is important to encrypt any sensitive information. Both data at rest and data in motion need to be encrypted if they contain any sensitive material. Data protection is needed to ensure that even if data gets compromised, it will not get sent outside of the network.
-Compromise Management: Few companies actually have plans for dealing with a breach and mitigating the damage it causes. No matter what preventative steps you have taken, breaches can still occur. Companies need to implement courses of action and technologies that allow them to act fast. This includes being able to tell that you have been compromised, which requires file integrity monitoring, intrusion detection, and forensic data for analysis.
These steps represent the bare minimum of protection and are suggested for implementation to limit your vulnerability.
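To make the access control point concrete, here is an added example (not from the original article) that compares what each ID is granted with what its function needs, and flags logged access outside that function. The ID names, system names, log format and the `NEEDED` mapping are all constructed assumptions.

```python
# Added example: review access against each ID's function (all data constructed).
GRANTED = {  # systems each ID is allowed to reach
    "svc-vendor": {"vendor-portal", "billing", "payments-db"},
    "jdoe": {"hr-app", "mail"},
}
NEEDED = {  # assumption: systems each ID's function actually requires
    "svc-vendor": {"vendor-portal", "billing"},
    "jdoe": {"hr-app", "mail"},
}
LOG = """\
2014-11-03T02:10:11Z svc-vendor vendor-portal ok
2014-11-03T02:14:40Z svc-vendor payments-db ok
2014-11-03T08:01:02Z jdoe mail ok
2014-11-03T08:05:09Z jdoe file-srv denied
2014-11-03T09:00:00Z tmp-admin payments-db ok
not a log line
"""

def parse_log(text):
    """Return (timestamp, ident, system, result) tuples; skip malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("ok", "denied"):
            events.append(tuple(parts))
    return events

def excess_grants(granted, needed):
    """Entitlements beyond each ID's function: candidates for removal."""
    extra = {i: sorted(s - needed.get(i, set())) for i, s in granted.items()}
    return {i: e for i, e in extra.items() if e}

def out_of_function(events, granted, needed):
    """Flag every access to a system the ID's function does not require."""
    findings = []
    for ts, ident, system, result in events:
        if system in needed.get(ident, set()):
            continue  # expected activity for this ID
        if result == "ok" and system in granted.get(ident, set()):
            kind = "excess-access-used"          # valid ID, over-broad grant
        elif result == "ok":
            kind = "ungranted-access-succeeded"  # control gap or unknown ID
        else:
            kind = "out-of-scope-attempt"        # blocked, still worth review
        findings.append((ts, ident, system, kind))
    return findings

if __name__ == "__main__":
    print(excess_grants(GRANTED, NEEDED))
    for finding in out_of_function(parse_log(LOG), GRANTED, NEEDED):
        print(*finding)
```

The first report supports limiting access before an incident; the second supports monitoring user actions and recognizing a compromise that uses valid IDs.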