www.computerworld.com
Open in
urlscan Pro
151.101.194.165
Public Scan
URL:
https://www.computerworld.com/article/3535590/avoid-security-breaches-how-to-protect-your-data.html
Submission: On March 20 via api from IN — Scanned from DE
Submission: On March 20 via api from IN — Scanned from DE
Form analysis 1 forms found in the DOM
<form class="gsc-search-box gsc-search-box-tools" accept-charset="utf-8">
<table cellspacing="0" cellpadding="0" role="presentation" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<div class="gsc-input-box" id="gsc-iw-id1">
<table cellspacing="0" cellpadding="0" role="presentation" id="gs_id50" class="gstl_50 gsc-input" style="width: 100%; padding: 0px;">
<tbody>
<tr>
<td id="gs_tti50" class="gsib_a"><input autocomplete="off" type="text" size="10" class="gsc-input" name="search" title="search" aria-label="search" id="gsc-i-id1" dir="ltr" spellcheck="false" placeholder="Start Searching"
style="width: 100%; padding: 0px; border: none; margin: 0px; height: auto; outline: none;"></td>
<td class="gsib_b">
<div class="gsst_b" id="gs_st50" dir="ltr"><a class="gsst_a" href="javascript:void(0)" title="Clear search box" role="button" style="display: none;"><span class="gscb_a" id="gs_cb50" aria-hidden="true">×</span></a></div>
</td>
</tr>
</tbody>
</table>
</div>
</td>
<td class="gsc-search-button"><button class="gsc-search-button gsc-search-button-v2"><svg width="13" height="13" viewBox="0 0 13 13">
<title>search</title>
<path
d="m4.8495 7.8226c0.82666 0 1.5262-0.29146 2.0985-0.87438 0.57232-0.58292 0.86378-1.2877 0.87438-2.1144 0.010599-0.82666-0.28086-1.5262-0.87438-2.0985-0.59352-0.57232-1.293-0.86378-2.0985-0.87438-0.8055-0.010599-1.5103 0.28086-2.1144 0.87438-0.60414 0.59352-0.8956 1.293-0.87438 2.0985 0.021197 0.8055 0.31266 1.5103 0.87438 2.1144 0.56172 0.60414 1.2665 0.8956 2.1144 0.87438zm4.4695 0.2115 3.681 3.6819-1.259 1.284-3.6817-3.7 0.0019784-0.69479-0.090043-0.098846c-0.87973 0.76087-1.92 1.1413-3.1207 1.1413-1.3553 0-2.5025-0.46363-3.4417-1.3909s-1.4088-2.0686-1.4088-3.4239c0-1.3553 0.4696-2.4966 1.4088-3.4239 0.9392-0.92727 2.0864-1.3969 3.4417-1.4088 1.3553-0.011889 2.4906 0.45771 3.406 1.4088 0.9154 0.95107 1.379 2.0924 1.3909 3.4239 0 1.2126-0.38043 2.2588-1.1413 3.1385l0.098834 0.090049z">
</path>
</svg></button></td>
<td class="gsc-clear-button">
<div class="gsc-clear-button" title="clear results"> </div>
</td>
</tr>
</tbody>
</table>
</form>Text Content
Close Ad
computerworld
UNITED STATES
* United States
* Australia
* India
* Netherlands
* New Zealand
* United Kingdom
* Windows
* Gen AI
* Office Software
* Apple
* Newsletters
* Events
* White papers/Webcasts
×
search
Business Tech
* Browsers
* Blockchain
* Cloud Computing
* Collaboration Tech
* Generative AI
* Macs
* Office Software
* Productivity Software
* Small Business
* Windows
Mobile Tech
* Android
* Chrome OS & Chromebooks
* iOS
Shark Tank
Enterprise Buyer’s Guides
Digital Downloads
Newsletters
Events
Best Places to Work
In-Depth
* News Analysis
* Features
* How To
* Opinion
* Reviews
Video
* TECH(talk)
* IDG TECH(talk) Channel
Podcasts
Blogs
White Papers/Webcasts
From Our Partners
* The Latest Content from Our Sponsors
More from the Foundry Network
The voice of IT leadership
Analytics Careers CIO Role Digital Transformation Leadership Project Management
Security at the speed of business
Application Security Cloud Security Identity Management Information Security
Network Security Risk Management Security Software
From the data center to the edge
Data Center Internet of Things Linux Networking SD-WAN Servers Storage Wi-Fi
Building the next-gen enterprise
Analytics Cloud Computing Databases Devops Machine Learning Open Source Software
Development
* About Us |
* Contact |
* Republication Permissions |
* Privacy Policy |
* Cookie Policy |
* Copyright Notice |
* Terms of Service |
* European Privacy Settings |
* Member Preferences |
* Advertising |
* Foundry Careers |
* Ad Choices |
* E-commerce Links |
* California: Do Not Sell My Personal Info |
* Follow Us
*
*
*
×
Close
* Home
* Security
BrandPost Sponsored by Microsoft | Learn More
Modernize and Mobilize with Microsoft 365
By Joseph Steinberg | Apr 1, 2020 4:35 am PDT
About |
This blog explores the many benefits and challenges of modernization and
presents best-practice advice that you can put to use today.
Opinion
AVOID SECURITY BREACHES: HOW TO PROTECT YOUR DATA
DATA SECURITY BREACHES AT MAJOR CORPORATIONS SEEM TO BE PERPETUALLY IN THE NEWS.
THE HACKS RANGE IN SIZE AND SCOPE, BUT IT’S NO SECRET THAT FIRMS HIT BY HACKERS
OFTEN SUFFER SERIOUS CONSEQUENCES.
*
*
*
*
*
*
*
fotomay
Data security breaches at major corporations seem to be perpetually in the news.
The hacks range in size and scope, but it’s no secret that firms hit by hackers
often suffer serious consequences.
What can you do to help prevent your organization from becoming tomorrow’s
cyber-breach news headline? Here are 18 pointers:
1. Educate all employees on the importance of protecting data. Explain the
need to such as downloading music or videos from rogue websites. Once
employees understand that criminals want the data with which the employees
work, their thinking changes in ways that can make the organization’s data
much safer than before.
2. Understand what data you have and classify it. You cannot secure
information if you do not know that it exists, where it is stored, how it
is used, how it is backed up, and how it is decommissioned. Make sure you
know those things about all of your sensitive information. Because not all
data is equally sensitive, make sure to classify data according to its
level of importance.
3. Do not give every employee access to every system and piece of data. Create
policies governing who has physical and/or electronic access to which
computer systems and data, and implement procedures, policies, and
technical controls to enforce such a scheme. Authorize people to access the
data that they need in order to do their jobs but do not provide them with
access to other sensitive data.
4. Consider moving sensitive information and systems to a cloud provider.
Unless you have an adequate information security team, the odds are pretty
good that a major cloud provider will do a better job than you at securing
your system and information against various risks.
5. Enable remote wipe. All portable electronic devices on which sensitive
information will ever be stored should have remote wipe capabilities
enabled.
6. Give everyone his or her own access credentials. Ensure that each person
accessing a system housing sensitive information has his or her own login
credentials.
7. Ensure that everyone uses proper passwords to access such systems. People
like to use easy-to-remember passwords; without policies and technology to
enforce the selection of proper passwords, organizations are at risk of
having passwords such as “1234” being the only line of defense against
unauthorized access to sensitive information. So, craft proper policies and
implement technology to ensure that the policies are properly enforced.
8. Go multi-factor. For accessing systems with especially sensitive
information, consider implementing some form of strong, multi-factor
authentication.
9. Deal with BYOD. Make sure that you have policies and technology in place to
address the many risks created by employees, contractors, and guests
bringing personal devices into your facilities and connecting to corporate
networks. All access to the Internet from personal devices or devices
belonging to other businesses should be achieved via a separate network
than is used for company computers.
10. Encrypt sensitive data when storing it or transmitting it. There are many
commercial and free tools available to do this – some operating systems
even have encryption capabilities built in. As you probably suspect, if you
are not sure if something should be encrypted, encrypt it.
11. Backup. Backup. Most people and businesses do not backup frequently enough,
and many (if not most) will not realize the danger of their mistake until
it is too late.
12. Keep your backups separate from production networks. If ransomware gets
onto one of your production networks, it could corrupt any backups attached
to that network. Maintain offsite backups in addition to onsite backups.
13. Create appropriate social media policies and enforce them with technology.
As so many organizations have learned the hard way, policies alone do not
ensure that employees do not leak sensitive information or make otherwise
inappropriate social media posts; implement technology to help with this
task. Remember, many serious breaches begin with criminals crafting
spear-phishing emails based on overshared information on social media.
14. Comply with all information security regulations and industry standards.
Consider such regulations a baseline – but not rules that if adhered to
will offer adequate protection. GDPR, for example, is a regulation for
which many businesses still need to prepare.
15. Use appropriate security technology. Do not just buy the latest and
greatest. Acquire and utilize what you actually need by defining functional
and security requirements and selecting security controls accordingly. On
that note: All computers and mobile devices that handle sensitive
information or ever connect to a network to which devices that house
sensitive information connect need have security software installed.
16. Ensure that technology is kept up to date. Besides keeping security
software current, make sure to install patches to server and client-side
operating systems and software. Many major vendors have automatic update
services – take advantage of these features.
17. Keep IoT devices off of production networks. Treat Internet of Things
devices as if they were a special class of risky BYOD devices – and keep
them on their own networks. Only purchase IoT devices that have proper
security capabilities such as the ability to be patched and to have default
passwords changed upon installation and activation.
18. Hire an expert to help you. There is a reason that businesspeople go to
doctors when they are ill and don’t try to perform surgery on themselves,
or utilize the services of lawyers if they are being sued or accused of a
crime. You need experts on your side. Remember, the criminals who are
targeting your data have experts working for them – make sure that you are
also adequately prepared.
While there are no guarantees when it comes to information security – even the
most security-conscious organizations still face some level of risk – by
following these 18 tips, you can greatly improve your odds of fending off
hackers who seek to steal your organization’s confidential information.
Joseph Steinberg is a recognized cybersecurity thought leader, and emerging
technology influencer (with a focus on AI and blockchain-related offerings). He
has led businesses and divisions within the information-security industry for
nearly two decades, has been calculated to be one of the top 3 cybersecurity
influencers worldwide, and has written the official study guide from which many
CISOs study for their certification exams.
Originally published at
https://www.microsoft.com/en-us/microsoft-365/growth-center/resources/avoid-security-breaches-how-to-protect-your-data
Related:
* Security
* Microsoft
* Windows
* Small and Medium Business
Copyright © 2020 IDG Communications, Inc.
Computerworld The Voice of Business Technology Follow us
*
*
*
* About Us
* Contact
* Republication Permissions
* Privacy Policy
* Cookie Policy
* Copyright Notice
* Terms of Service
* European Privacy Settings
* Member Preferences
* Advertising
* Foundry Careers
* Ad Choices
* E-commerce Links
* California: Do Not Sell My Personal Info
Copyright © 2024 IDG Communications, Inc.
Explore the Foundry Network descend
* CIO
* Computerworld
* CSO Online
* InfoWorld
* Network World