As information technology (IT) practices continue to expand, so do the issues that go along with them. And as any IT manager will tell you, the primary issue to avoid is the leaking or exploitation of customer data. Did you know that 100% of breaches involved an insider in 2014? This means that outsiders were not to blame. Instead, companies’ own employees were responsible for breaking the security chain.
Are You Monitoring Your ‘Normal’ Business User Activity?
What measures are your IT department and virtual office personnel taking to ensure that your company does not suffer a breach? Are you focusing on privileged user access to keep company and customer data from falling into the wrong hands? If so, that’s an excellent security measure to have in place, but you must also keep in mind that most breaches originate in the 95% of the organization that is unaddressed. In fact, 84% of insider breaches involved a “normal” business user identity who had no admin rights.
How is it that a user with few access rights could manage to compromise the security of your IT department? It’s because these users aren’t as heavily monitored as admin-level users. You’re failing to monitor them closely because you know they don’t have direct access to as much sensitive information as those with admin rights. But what you must realize is that these regular business users, even if they aren’t trying to exploit the data themselves, are more likely to make mistakes that could leave the door open for hackers to enter your IT infrastructure.
Admin Users Make Mistakes Too
While only 16% of insider breaches occur at the hands of a user with admin rights, this is still a high percentage. Admin users should be monitored just as heavily as all other users, and they should be highly trained on how to use your software and hardware systems. 62% of admin breaches are attributed to human error, meaning with enhanced training, these errors could have likely been avoided.
Only Partner with Trusted Vendors
Only 1% of breaches occur due to 3rd party errors; however, these breaches tend to be very large: Target, Home Depot… Because of this, it is of the utmost importance that you only work with vendors, distributors, and suppliers that you absolutely trust. In order to be able to trust them, you should be familiar with their IT practices. These vendors should not have access to your IT infrastructure, but because your vendors will intertwine with your outsourcing and insourcing activities, you will of course want to monitor any and all of their IT interactions with your company.
Unnecessary Services Should be Removed
When a default installation of any type of hardware or software takes place, many network services are installed and enabled on your network by default. A large number of these services likely won’t be needed, so they should be removed. The more services you have running on your network, the more holes you have through which hackers can get into your system. If possible, you should remove the unnecessary services, or at the least, switch them off so that they do not start up when your network is rebooted.
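One way to find services that start at boot but are not needed, shown as an added example that is not part of the original article. It assumes a systemd-based Linux host; the allowlist contents and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag enabled services that are not on an approved baseline.

# Assumption: a site-specific baseline of services this host actually needs.
ALLOWLIST="sshd.service cron.service rsyslog.service nginx.service"

# Constructed sample, in the column layout printed by:
#   systemctl list-unit-files --type=service --no-legend
SAMPLE_UNITS="sshd.service          enabled  enabled
cron.service          enabled  enabled
cups.service          enabled  enabled
avahi-daemon.service  enabled  enabled
rpcbind.service       disabled enabled
nginx.service         enabled  disabled
rsyslog.service       enabled  enabled
systemd-fsck@.service static   -"

# Read a unit-file listing on stdin; print every unit whose state is
# "enabled" (starts at boot) and that is missing from the allowlist in $1.
unexpected_services() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, names, " ")
            for (i = 1; i <= n; i++) approved[names[i]] = 1
        }
        $2 == "enabled" && !($1 in approved) { print $1 }
    ' | LC_ALL=C sort
}

# Print a review list for the sample; nothing is changed on the host.
report() {
    printf '%s\n' "$SAMPLE_UNITS" | unexpected_services "$ALLOWLIST" |
    while read -r unit; do
        printf 'review: %s is enabled but not in the baseline\n' "$unit"
    done
}

report
```

On a live host, pipe the real `systemctl list-unit-files --type=service --no-legend` output into `unexpected_services`; once a flagged unit is confirmed unnecessary, `systemctl disable --now <unit>` stops it and keeps it from starting at the next boot.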
Be Leery of Remote Access
Having the ability to log into your network from any virtual office location is an advantage that can boost productivity; however, when a remote connection is not secure, it compromises your company’s data. Tunneling and encryption protocols should be used each and every time that the network is accessed remotely, and access should be restricted to specific accounts, such as those accounts belonging to the CEO, CIO, etc. Furthermore, public computers and networks should never be used to remotely access the network.
Carefully Assign Permissions and Privileges
As already pointed out, security breaches come at the hands of all business users. Even those without admin rights can make errors that lead to massive security problems. Even so, when assigning permissions and privileges, you must be extremely careful about who gets assigned which access rights. Network security is largely based on file and network permissions. For example, if a vulnerable web server engine is compromised while running under a network service account, the hacker can then use that account to perform a variety of malicious tasks, such as sharing and removing confidential data. Because of this, minimal access rights should be granted to each user. And if you have any guest accounts, you should heavily monitor the associated activity. In fact, you may want to do away with guest accounts if possible.