
5 Things You Should Do to Address Cyber Security

25 November 2014

Employee Training, IT Security, Policy Development, Risk Management

With data breaches occurring regularly in all sectors nowadays, business owners and executives have no choice but to take action to protect their organizations and their data. Unfortunately, cyber security is not as simple as purchasing an off-the-shelf product or service. Nor is a “set it and forget it” approach effective. Rather, keeping your network and data secure requires a multi-pronged strategy and regular upkeep. Here are five things you should be doing to address your organization’s cyber security:

1. Perimeter Defense. A key component of any comprehensive cyber security program, your perimeter defense does exactly what it sounds like: it keeps outsiders from gaining access to your network. This starts with your firewall rule base – a set of rules that govern what is and what is not allowed through the firewall. The rule base will change constantly, especially in larger organizations.

Every time you add a new service or application to the network you will most likely need to create a new rule. For instance, if you have a program that needs constant communication with the main server because it is a subscription-based cloud program, a port may need to be opened so you are able to use this application. Each such change can open up unintended holes in the firewall that unauthorized traffic can get through.

To prevent these vulnerabilities, you should do a full audit of your firewall rule base twice a year at minimum, so you can look at the bigger picture of what information is coming through. Things to look at when you are auditing include:

  • Do these rules make sense as a whole?
  • Is there a faster, more efficient way to lay out the rule base?
  • Can you allow a service but restrict the port, or vice versa?
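
One way to automate part of this audit, as an added example that is not part of the original post: it checks a constructed rule base for allow rules open on every port and for rules that an earlier rule already covers. The rule format, field names, addresses and first-match evaluation are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rule base (assumed first-match-wins); not from any real device.
RULES = [
    {"id": 1, "action": "allow", "src": "10.0.0.0/8", "dst": "203.0.113.10/32", "proto": "tcp", "ports": "443"},
    {"id": 2, "action": "allow", "src": "any", "dst": "10.1.5.20/32", "proto": "tcp", "ports": "any"},
    {"id": 3, "action": "deny", "src": "10.0.0.0/8", "dst": "any", "proto": "tcp", "ports": "23"},
    {"id": 4, "action": "allow", "src": "10.2.0.0/16", "dst": "203.0.113.10/32", "proto": "tcp", "ports": "443"},
    {"id": 5, "action": "allow", "src": "10.2.0.0/16", "dst": "any", "proto": "tcp", "ports": "23"},
]

def net(value):
    """Turn 'any' or a CIDR string into an IPv4 network object."""
    return ipaddress.ip_network("0.0.0.0/0" if value == "any" else value)

def port_range(value):
    """Turn 'any', '443' or '20-25' into an inclusive (low, high) tuple."""
    if value == "any":
        return (0, 65535)
    low, _, high = value.partition("-")
    return (int(low), int(high or low))

def covers(earlier, later):
    """True if every packet matching `later` already matches `earlier`."""
    e_lo, e_hi = port_range(earlier["ports"])
    l_lo, l_hi = port_range(later["ports"])
    return (earlier["proto"] in ("any", later["proto"])
            and net(later["src"]).subnet_of(net(earlier["src"]))
            and net(later["dst"]).subnet_of(net(earlier["dst"]))
            and e_lo <= l_lo and l_hi <= e_hi)

def audit(rules):
    """Return (rule id, finding) pairs for the audit questions above."""
    findings = []
    for i, rule in enumerate(rules):
        # "Can you allow a service but restrict the port?"
        if rule["action"] == "allow" and rule["ports"] == "any":
            findings.append((rule["id"], "allows every port; restrict to the service's port"))
        # "Do these rules make sense as a whole?" A fully covered rule never fires.
        for earlier in rules[:i]:
            if covers(earlier, rule):
                kind = "redundant with" if earlier["action"] == rule["action"] else "shadowed by"
                findings.append((rule["id"], f"{kind} rule {earlier['id']}"))
                break
    return findings

if __name__ == "__main__":
    for rule_id, finding in audit(RULES):
        print(f"rule {rule_id}: {finding}")
```

A redundant rule can be removed without changing behavior; a shadowed rule signals that the intended policy and the actual policy disagree and needs a human decision.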

2. Patch Your Servers. Patching servers can be a difficult task in the best of circumstances. It usually requires the server to be shut down temporarily to allow the updates to be installed. The reality is that server patches in most networks are often out of date. This is because all new patches must be tested for glitches in a trial environment before they can be rolled out to machines companywide.

Frequency of required updates is also a major challenge as there is often not adequate time to test each update beforehand. If you are not regularly patching your servers, the first course of action is to create a streamlined process for approving and implementing these updates. Try to include only necessary, knowledgeable personnel who can decide what updates are needed and how frequently they should be rolled out.

3. Patch Your Applications. A company’s applications patching process faces many of the same challenges as patching servers. If you are not patching applications regularly, or if even one person on your staff has not updated an application, a hacker can exploit that hole and gain access to your entire company network.

Most modern breaches are caused by a lack of regular application patching. This process needs to be streamlined to allow the IT department to get the available patches out as soon as possible.

4. Storage and Backup. The big question for everyone right now is to cloud or not to cloud? Many organizations find that a hybrid approach is the best solution. Your most sensitive information should be stored locally, within your network on site. The bulk of the rest of your information can be stored with a cloud service. A cloud service is often a cheaper way to store bulk information when you factor in onsite maintenance costs.

The cloud’s benefit is that you are usually handing over everything to professionals who specialize in cloud storage. The downside of the cloud is that if there is a breach, you have no right to access or investigate it, so you may never know how deep the breach goes. When you are storing information locally, you have access to everything. You also have control over the physical security of the storage devices.

5. Secure Your Printer. This step is absolutely vital, and most often overlooked even in advanced cyber security initiatives. Printers typically offer the fastest way into a network. If your printer is set up wirelessly, that means it has two connections — one that is receiving information from workstations and servers and one that is sending out information. Printers are usually connected to every server and workstation within an office, which means they are an easily exploitable access point with a large payoff for hackers. This is often accomplished by taking advantage of the printer’s buffers, which provide malicious entities more than enough space to target your whole system and send themselves information from your network.

COMPASS has developed a methodology that combines the discipline of project management with the latest cyber-security technology and data-protection best practices. In today’s hyper-connected world, every organization is just one data breach away from being a leading story on the news and social media, which can severely damage its reputation and brand. Find out how to protect your institution. Contact COMPASS to learn more about our methodology and how it can help your organization develop a robust cyber-security ecosystem.
