Tips for Reducing Your Risk of a Data Breach
Dealing with a data breach is no fun. The fact is, breaches are not uncommon, but the degree of the breach is often vastly different. Most of you know about the 2013 Yahoo data breach – one of the largest in history, in which hackers compromised 3 billion user accounts. Because Yahoo was in the process of being acquired by Verizon, the breach knocked off $350M in value from an initial $5B offer.
Breaches happen. They’ve become part of the world we live in. While there are many aspects to a comprehensive approach to corporate security, I’ll be focusing on how to increase your confidence when sharing sensitive email, confidential or large files, and collaborating, even when using a secure file transfer tool, since we’ve recently seen some major data breaches in this space. No software is perfect, so you can’t reduce your risk to zero, but with good security hygiene, you can greatly diminish your risk of exposing your most important data. Having been involved in secure messaging for the past 24 years, here are three tips on reducing your risk of a data breach from email and file sharing.
Review and update your internal and external platforms
- Listen to your IT and operations staff – they are sometimes the only ones keeping you from serious harm. They can go a bit overboard with locking everything down, but trust me, they’re trying to help you.
- Patch servers and gateways religiously. Bad actors like to scan companies for servers running old operating systems with known vulnerabilities. It only takes one unpatched server to expose your entire network.
- Layer your defenses. Castles have moats, outer walls, inner walls, keeps, etc. Your most valuable information should be in the innermost sanctums, with multiple layers of defenses in the form of firewalls, zero trust policies, VPNs, packet inspection, IDS/IPS, anti-malware software, vulnerability scans – the list goes on (and constantly changes).
- Perform due diligence on your cloud providers and make sure they are reputable. Third-party vendors and partners can create exposure for you if their security is lax. Try to understand how your cloud providers architected their security framework, what controls they have in place, and how they handle governance. Third-party audits, such as SSAE 18, SOC 1 and 2, and other annual audits, are good.
- Review your logs and run reports – are you seeing traffic from strange IPs or countries? Are you noticing off-hour activity? Log analysis tools can help make sense of your data and identify anomalies.
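As an added example (not from the original article), here is one way to run the log review described in the last tip: it flags off-hour activity and logins from an IP or country a user has not been seen from before. The CSV layout, field names, business-hours window and baseline size are assumptions, and the log lines are constructed.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample: transfer-server access log, already enriched with a
# country code (layout and field names are assumptions for this example).
SAMPLE_LOG = """\
timestamp,user,src_ip,country,action
2024-03-04T09:12:00,alice,203.0.113.10,US,download
2024-03-04T14:40:00,alice,203.0.113.10,US,upload
2024-03-05T10:05:00,bob,198.51.100.7,US,download
2024-03-06T02:31:00,alice,192.0.2.55,RO,download
2024-03-06T11:20:00,bob,198.51.100.7,US,download
2024-03-09T13:00:00,bob,198.51.100.7,US,download
"""

BUSINESS_HOURS = range(7, 19)  # 07:00-18:59 local time (assumed; tune per site)
BASELINE_EVENTS = 2            # first events per user only teach what is normal

def find_anomalies(log_text):
    """Return (timestamp, user, reasons) for events that break a user's baseline."""
    seen_ips = defaultdict(set)
    seen_countries = defaultdict(set)
    counts = defaultdict(int)
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        ts = datetime.fromisoformat(row["timestamp"])
        user = row["user"]
        reasons = []
        if ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS:
            reasons.append("off-hours")
        if counts[user] >= BASELINE_EVENTS:  # only judge once a baseline exists
            if row["src_ip"] not in seen_ips[user]:
                reasons.append("new-ip")
            if row["country"] not in seen_countries[user]:
                reasons.append("new-country")
        seen_ips[user].add(row["src_ip"])
        seen_countries[user].add(row["country"])
        counts[user] += 1
        if reasons:
            findings.append((row["timestamp"], user, reasons))
    return findings

if __name__ == "__main__":
    for ts, user, reasons in find_anomalies(SAMPLE_LOG):
        print(ts, user, ",".join(reasons))
```

A single weekend download from a known address is low priority on its own; the 02:31 event that combines all three reasons is the one to look at first.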
Use the right tool and keep it clean
- I’ve had many partners and vendors email me very confidential information and when I ask whether they have a secure way to send that information, they often do – but they claim to have “forgotten” to do it just this one time. The 2020 Verizon Data Breach Investigations Report attributes 30% of data breaches to internal actors – not necessarily with malicious intent, but accidents happen, and often the “secure” way to share some important data is overly complicated, and people often take the easy (insecure) path. Biscom cloud and on-prem SFT solutions, with Outlook integration, focus on simplicity and ease of use so people don’t “forget” to use them.
- If you’ve invested in a secure email and file transfer solution, great! You’re ahead of the game. But as recent news has shown, those SFT/MFT solutions can themselves be vulnerable, so do your due diligence and ensure those applications are always updated with the latest security patches. Even easier, use a cloud SFT solution and never worry about patching again.
- Remove unnecessary shared files from secure file transfer servers and other content delivery systems (hopefully you’re not using FTP anymore but FTP servers are rarely cleaned out and bad actors love probing for and downloading those files). When people share files out, they often leave them on the server or transfer platform forever. Once something is successfully delivered and downloaded by the recipient, delete it from the platform you shared it on, or have it automatically scheduled to expire and delete if that’s an option.
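The cleanup rule in the last tip (delete once delivered, otherwise expire on a schedule) can be sketched as follows. This is an added example, not part of the original article or any vendor's product: the flat share directory, the `downloaded` set taken from a delivery log, and the 14-day window are assumptions.

```python
import os
import tempfile
import time
from pathlib import Path

MAX_AGE_DAYS = 14  # assumed retention window; set it from your data-handling policy

def sweep_shares(share_dir, downloaded, max_age_days=MAX_AGE_DAYS,
                 now=None, dry_run=True):
    """Select (and optionally delete) shared files that are delivered or expired.

    share_dir  -- directory the transfer platform serves from (assumed layout)
    downloaded -- file names the delivery log shows the recipient retrieved
    Returns a sorted list of (name, reason) for every file selected.
    """
    now = time.time() if now is None else now
    cutoff = now - max_age_days * 86400
    selected = []
    for path in list(Path(share_dir).iterdir()):
        # Skip symlinks and directories so the sweep never acts outside the share root.
        if path.is_symlink() or not path.is_file():
            continue
        if path.name in downloaded:
            reason = "delivered"
        elif path.stat().st_mtime < cutoff:
            reason = "expired"
        else:
            continue
        selected.append((path.name, reason))
        if not dry_run:
            path.unlink()
    return sorted(selected)

if __name__ == "__main__":
    # Constructed demo: three files in a throwaway directory.
    with tempfile.TemporaryDirectory() as d:
        for name in ("quote.pdf", "old_export.csv", "draft.docx"):
            Path(d, name).write_text("sample")
        stale = time.time() - 30 * 86400
        os.utime(Path(d, "old_export.csv"), (stale, stale))
        print(sweep_shares(d, downloaded={"quote.pdf"}))  # report only
        print(sweep_shares(d, downloaded={"quote.pdf"}, dry_run=False))
        print(sorted(p.name for p in Path(d).iterdir()))
```

Run it in the default dry-run mode first and review the report before scheduling it with `dry_run=False`.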
Educate, educate, educate
- It goes without saying that people are your most valuable asset, but they can also be your biggest liability. Employees pose one of the greatest threats for exposing corporate data because of lack of training, inadequate (or non-existent) processes/procedures, or simple mistakes. Make sure people know how to use the security tools you’ve deployed. But remember – a powerful but complex tool can sit idle. Make sure you get buy-in from your end-users; choosing tools that are easy to use will increase the likelihood they actually will be used.
- Regular training on the ever-changing threat landscape, increased awareness of methods of infiltration, and a good understanding of internal classification and categorization of data and proper handling procedures are important. Ensure everyone knows what information needs to be sent securely.
Implement these now and rest easy tonight!