Cybersecurity writer Danny Yadron recently wrote an article for the Wall Street Journal on Five Simple Steps to Protect Corporate Data: What companies should be doing to protect their computer systems – but aren’t. The last few years have pushed us into an era of the “megabreach” – hacks that breach tens of millions of records. We’ve talked about how these incidents have resulted in a “protect the network” mentality which is ultimately shortsighted – both because it leaves risk vectors unprotected and because it does not build a culture of security that ultimately will help protect the organization.
Danny’s article talks about the importance of cyberhygiene – the basic steps such as updating software and doing routine audits of systems and vendors to ensure security standards are being maintained. In the article, he lays out five easy things that organizations should be doing to protect corporate data:
- Keep up with patches – do them immediately, don’t test them for months or update in cycles
- Keep your online doors closed – don’t connect devices that don’t need to be connected, as they can form a gateway into the network
- Encrypt your data – in all its forms, wherever it resides. Also make sure you can prove it’s encrypted with persistent technology
- Get rid of passwords – credentials are the most common way hackers are gaining access to networks
- Check out your vendors – just like with endpoint devices, vendors who have access to the corporate network offer hackers a way ‘in’ if they are insecure
When it comes to data security, a holistic approach involving people, processes and technology can go a long way to shoring up vulnerabilities. At Absolute, we want to support your organization with technology solutions to make data protection easy. Solutions such as the persistent ability to monitor encryption status on the endpoint with Absolute DDS can help. Learn more at Absolute.com