Last month, Yahoo! discovered it was involved in the largest discovered data breach in the history of the internet. Hackers stole information from over 500 million Yahoo! accounts, including details such as names, email addresses, phone numbers, security questions and answers, dates of birth, and encrypted passwords.
With data breaches happening all around us on a regular basis, it’s now more important than ever to ensure your business or organization is fully prepared in the event that a data breach occurs. Staying one step ahead with your IT planning will make all the difference in mitigating an attack. Below are 8 ways your business can stay on its IT game.
Staff Training – Training your end users on security awareness will make an overall impact on mitigating security risks because the company will be security minded and aware of the ways a malicious attack could happen. Awareness training will also help your staff in noticing odd behavior commonly associated with phishers and hackers.
Craft a security policy – Are your employees allowed to take company-owned laptops home at night? Are they bringing in thumb drives from home and inserted them into their workstations? How strict is your BYOD (Bring your own device) policy?
These are important questions to ask when crafting a security policy. An employee may not have malicious intent, but it can be dangerously easy to unwittingly install a virus on a work PC. Work with your IT department to craft a security policy for your business or organization.
Deploy Content Filtering – A machine can easily be exploited by visiting a malicious or compromised website – also known as ‘drive-by downloads.’ Being able to block where your staff goes online is key to a good security policy.
Patch Management – Simply turning on Microsoft updates is not good enough. Third-party applications, such as Adobe, will need constant patching as well. Work with your IT staff to ensure that patches are being deployed on all systems when available. This will help your business stay one step ahead.
Back it up – Many breaches are caused by the theft or loss of data backup tapes. A remote data backup service allows the company to use the Internet to back up safely and effectively without ever using tapes that can be lost or stolen.
Perform Regular Vulnerability Tests – Vulnerability tests should be performed against every system in your network on a regular basis, both internal and external. Work with your IT department on strengthening or patching any vulnerabilities you may catch.