The rise in cyber-attacks and ransomware threats have many businesses increasing their IT infrastructure security. Unfortunately, in an effort to increase security, far too many businesses overlook the proper configuration of IT devices and systems, as well as the importance of creating an enforceable security policy. The best data security policy in the world means nothing if networks and devices aren't properly configured, and if employees ignore the best practices that are in place to prevent cyber-attacks.
Reduce Risks with A Strong Security Policy
The 2017 Data Breach Investigations Report (DBIR), 10th Edition, Annual Survey of Incidents and Breaches Trends revealed that 51 percent of attacks use malware, 81 percent of hacking-related breaches are attributed to either stolen or insufficient passwords, and 62 percent of all data breaches were the result of hacking efforts. With these sobering statistics in mind, there are five critical steps that you can take to avoid the most common security policy weak links that lead to data breaches and thefts.
1. Create Strong Passwords. -- In 2016 an impressive 63 percent of data breaches were completed courtesy of weak or stolen passwords. Instead of learning from the mistakes of others, far too many businesses failed to address their password security weaknesses. This state of inaction led to 81 percent of hacking related breaches using stolen or weak passwords in 2017. Instead of relying on default passwords, using the same password for all accounts, or digitally storing your passwords in an email, note or text message, businesses need to ensure that employees are creating strong passwords. Additionally, their passwords should be updated on a regular basis, include a special character, feature both upper and lower-case letters, at least one number, and be within 8 to 16 characters.
2. Add Endpoint Protection, Including KVM Switches. -- Endpoint security is paramount to keeping your vital business data safe from hacking attempts. To ensure that your endpoints are secure you need to not only use an updated anti-virus software protection, but you also should leverage the security-boosting power of KVM switches. These switches are built to dismantle cyber-attacks at their onset. The KVM switches block signals, increase data control, remove desktop clutter, and remove risky data sharing to effectively limit the destructive power of a cyber-attack.
3. Segment the Network. -- In today's digitally driven world where administrative privileges were exploited in more than 50 percent of inside data thefts, businesses need to begin to segment their networks. Network segmentation not only protects against inside job data thefts, but it also limits the actions of hackers, should they gain access to your network. As part of your efforts, you should also track employee actions, monitor administrative privileged functions, and flag anomalous behavior for immediate review and action.
4. Limit Network Access. -- Segmenting your network is only effective if you also limit network access. If your employees are signing into your network from an insecure WIFI connection, you are immediately opening the door for a hacker to walk through and begin laying the foundation for a ransomware or cyber-attack. As part of your security policy, you should require SSH, VPN, and data encryption to protect against hackers who are trying to infiltrate your network. You should also limit network access to trusted hosts and customize Internet-connected device configurations before they are connected to your network.
5. Simplify and Future Proof. -- Far too often, businesses create more risks when they rush to resolve security weaknesses. To avoid this issue, businesses should focus on simplifying and future proofing their security policies. Through the use of Raritan's intelligent PDUs, businesses can leverage a customized engineering model that is designed to meet specific requirements. Through the Xerus Technology Platform, businesses can enjoy the benefits of interoperable architecture and firmware, while simultaneously gaining the flexibility and reliability needed to shore-up IT security defenses.
Data Protection Starts with A Strong And Enforceable Security Policy
The moral of the story is simple, if you want to protect your business against cyber-attacks, then you need to create a security policy that is strong and enforceable. It is a moot point to spend money shoring-up IT security defenses, if you can't ensure that your employees and clients are following the steps laid out within your security policy.