Organizations that follow data security “best practices” may think they are prepared to prevent data breaches, but in 2014 we saw over 1 billion records compromised by some of the largest – and presumably best prepared – organizations. It only takes one single device or point of entry to potentially expose millions of records. Data breaches are happening at an accelerated pace and only those organizations who adopt a holistic approach to data security, updated and adapted regularly, will stay one step ahead of cybercriminals.
In “Data Security Best Practices Not Good Enough” on eSecurity Planet, I explore just how you can move beyond industry standards to implement the kind of layered security approach that is likely to help prevent data breaches. In the article, I talk about the creation of a Data Defense in Depth strategy.
No best practice technologies are sufficient on their own. Instead, organizations must apply a Defense in Depth strategy across three stages:
- Threat Prevention – The SANS top 20 and anti-virus only offer one layer of a more holistic security strategy. Moving beyond these “best practices” to a more complex strategy would include steps to decrease the attack surface across endpoints and networks:
- Build a foundation of tight controls and processes, unique to your organization
- Educate employees to be your first line of defense
- Learn about industry-specific data breach scenarios
- Take a layered approach to security technology, focusing on both network-based controls and endpoint security. Automate security remediation activities whenever possible.
- Incident Detection – Conduct regular security audits of your network, your endpoints and your employee policies, implement a data loss prevention (DLP) tool to monitor the movement of data, and set up appropriate incident detection controls.
- Efficient Response – There are often a lot of security alarms going off at once, so it’s up to trained security personnel to be able to identify the real threats from the false alarms, then to be able to take steps to protect data. Knowing a device is lost is meaningless unless you have a persistent connection to that device to remotely delete data, for example.
In my eSecurity Planet article, I explore each of these stages in depth, offering advice on how your organization can create a customized series of security layers to best protect corporate data. A variety of security solutions will reduce the threat landscape and prevent advanced attacks on your network. All devices must be encrypted, bolstered with persistent endpoint security technology to ensure that security software reinstalls if it is removed or damaged and will allow you to run encryption and anti-virus status reports to prove these solutions were in place and operational at the time of theft – an important checkbox for data security compliance.
Data security strategies need to be constantly reinvented to keep ahead of emerging threats, which isn’t possible if your organization is merely adhering to “best practices.” To learn more about how to stay one step ahead, continue reading the article here.