Costly data breaches are on the rise—2017 was a record-setting year in terms of cybersecurity incidents, with more than 14.5 billion malware-infected emails sent and 1.9 billion data records stolen in the first 6 months of the year.
One of last year’s biggest data breaches was the Equifax hacking incident, in which personal information belonging to 145 million customers was stolen. According to cybersecurity experts, that single data breach will have lasting effects because the personal data stolen can be used to create fake identities and commit further cybercrimes. The WannaCry virus was another news-making data breach incident in 2017, locking down systems in more than 150 countries worldwide.
The economic effect of data breaches such as the Equifax hacking incident and ransomware attacks such as WannaCry can be devastating. An IBM-sponsored study found that the average cost of a data breach was $3.6 million in 2017, and the costs associated with a major incident can be much higher. It’s important to keep in mind that the costs don’t end at the monetary liability that a company experiencing a data loss endures; loss of customer trust and damage to a brand’s reputation are difficult to quantify but the damage is just as real as the financial hit.
As high-profile hacking incidents continue to make news in 2018, IT professionals are looking for new ways to protect their companies’ vital data assets. That task is complicated by a growing interconnectedness, as companies seek digital transformation and increasingly rely on cloud services as a core part of their operations. From a planning and business decision-making perspective, there are two types of data security risks that company leaders must address: internal and external.
IT experts concerned about their company’s data security posture need a strategy to manage holistic threats from outside the organization, such as hackers. They also need an effective approach to manage individual rights to control emerging internal threats. Here are the top five approaches to manage the growing risk to companies’ data.
‘Zero Trust’ to Counter External Threats
As defined by Forrester, “Zero Trust” is a philosophy that rejects the perimeter security model of guarding against external threats only, and imposes security throughout the digital ecosystem. Elements include comprehensive logging and auditing capabilities to monitor all access to network data and endpoint protection for all technology assets. A Zero Trust approach extends protection to all devices regardless of ownership.
Effective elements of a Zero Trust approach can also include cloud access service brokerage as a buffer between cloud service users and cloud providers for security policy enforcement. A security incident and event monitoring strategy also guards against external threats, and a comprehensive incident response plan is another essential element of a Zero Trust approach.
Managing Rights Restrictions
One size does not fit all in the cybersecurity realm. That’s why it’s critically important to manage user rights and restrict access to data rather than granting rights on a one-size-fits-all basis, thereby reducing the risk of a breach. Security profiles can help IT professionals control who sees what information and configure which levels of protection are appropriate for various user groups and types of network traffic, balancing convenience and security.
Multifactor authentication (MFA) is another effective method for managing rights restrictions, requiring the use of more than one credential to access confidential data. To address access to critical cloud services, effective authentication methods include a single sign-on (SSO) strategy with Security Assertion Markup Language (SAML) support, which lets administrators retain control of user authentication and manage robust password complexity policies while ensuring persistence.
Achieving the right level of access and privilege is crucial in managing authorizations, as is an understanding of the control infrastructure. For example, sales people need access to sales data, but they don’t necessarily need access to finance department information. Setting the right level of access/privileges is a critical administrative function.
In addition to authorizing access to information, a sound security posture requires carefully managing privileges associated with the data. Does the user need to be able to edit the data or only view it? Protecting data will require that administrators make decisions for different classes of employees, granting privileges based on their job functions.
Administering Internal Access
One of the most important administrative functions is onboarding new employees. Granting authorities and controlling access must be handled proactively rather than on a default basis. Use of a virtual private network with MFA to restrict access can be an added layer of protection for data assets.
A center of excellence for granting access and privileges can be an effective way to manage internal access, such as using SSO and MFA to restrict access to authorized employees. To expand access to partners, API protocols can be helpful in controlling access rights in the same environment. Role-based access control helps limit what users can do according to their job requirements, e.g., viewing, modifying, or creating data files and workspaces.
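An added example (not from the original article) of the role-based model described above: access is denied unless a role explicitly grants every requested privilege, a newly onboarded account starts with no rights, and every decision is logged. The role names, data classes, the `AccessController` class and the rule that MFA is required for all access are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Flag, auto


class Privilege(Flag):
    NONE = 0
    VIEW = auto()
    MODIFY = auto()
    CREATE = auto()


# Constructed role table: role -> data class -> privileges granted.
ROLE_GRANTS = {
    "sales_rep": {"sales": Privilege.VIEW | Privilege.MODIFY},
    "finance_analyst": {
        "finance": Privilege.VIEW | Privilege.MODIFY | Privilege.CREATE,
        "sales": Privilege.VIEW,
    },
    "partner_api": {"sales": Privilege.VIEW},
}


@dataclass
class AccessController:
    user_roles: dict = field(default_factory=dict)  # user -> set of role names
    audit_log: list = field(default_factory=list)   # every decision, allow or deny

    def onboard(self, user, roles=()):
        # A new account gets only the roles named here, never a default set.
        unknown = set(roles) - set(ROLE_GRANTS)
        if unknown:
            raise ValueError(f"unknown roles: {sorted(unknown)}")
        self.user_roles[user] = set(roles)

    def effective(self, user, data_class):
        # Union of grants across the user's roles; unknown users get NONE.
        granted = Privilege.NONE
        for role in self.user_roles.get(user, ()):
            granted |= ROLE_GRANTS[role].get(data_class, Privilege.NONE)
        return granted

    def check(self, user, data_class, needed, mfa_verified):
        # Assumed policy: deny unless MFA succeeded and every needed
        # privilege is covered by the user's effective grants.
        granted = self.effective(user, data_class)
        allowed = (bool(mfa_verified) and needed != Privilege.NONE
                   and (granted & needed) == needed)
        self.audit_log.append((user, data_class, needed, allowed))
        return allowed
```

Denied requests are recorded alongside allowed ones, so the audit log shows attempted access to data outside a user's job function as well as legitimate use.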
Using Encryption to Protect Data
Converting information into code to prevent unauthorized access is an important factor in keeping sensitive data safe. The use of Secure Sockets Layer/Transport Layer Security protocols to exchange data across locations protects information in transit. Network security policies are designed to protect data when it isn’t in transit, and encryption can also play an important role in restricting access to data at rest.
As cloud services become even more essential to modern business operations, a “bring your own key” strategy that features self-managed keys can be a game-changer, allowing even organizations with extraordinary security needs to access cloud services. Organizations can protect highly sensitive data and access the cloud by maintaining sole access to their data on the cloud provider’s platform, encrypting and decrypting workspaces with a key that they alone possess.
It has become almost routine: another day, another high-profile data breach headline. Saks Fifth Avenue and Lord & Taylor recently reported that hackers stole information on 5 million customer credit and debit card accounts. The allure of easy money and the availability of increasingly sophisticated hacking tools guarantee that there’s no end in sight to the threat posed by outside hackers. Internal threats continue to proliferate as well.
That’s why IT professionals charged with protecting their company’s data assets must be vigilant and aware of the latest trends in threat management. A Zero Trust posture and careful management of rights and authorizations are musts. Policies that control internal access to data and robust encryption capabilities—including the ability to maintain sole access to encryption keys—can help IT professionals manage the growing threat to their company’s data.