Businesses need to consider their level of readiness for a cybersecurity incident. Data assets are moving closer to the network edge, or even to third-party clouds. The advantages of moving data to the edge are speed and availability. These same benefits that allow legitimate users to access the data may also make it easier for malicious actors to gain access. To protect themselves, it is essential that companies follow best security practices. This will allow them to respond appropriately if a data breach happens.
Encryption and Decryption
Sensitive data should be kept encrypted both in motion and at rest. Data in motion is data being transmitted over the network, such as when it is presented on a web page. The connection between the browser client and the web server should use encryption technology like SSL, which is indicated by the little lock icon in the address bar. Data on a drive should also be encrypted. Full disk encryption is an option on any modern computer system, including cloud-hosted systems. If an outsider captures an image of a hard drive, or physically removes the drive, they will be unable to read the data unless they also have a decryption key. Even though the data is safe while encrypted, it is a best practice to wipe a disk clean by overwriting all data multiple times if a drive is going to be discarded or repurposed.
Segregate Your Systems
Any system used to store or transmit confidential data should be segregated from nonsensitive systems. This practice is one of the NIST standards the DoD uses with its contractors. Segregation allows companies to keep confidential data secure by following a policy of least access. This means granting access to as few people or systems as possible while still allowing access when needed.
Collect Your Logs
A complete set of logs is important both for detecting and reacting to security incidents. Simply storing every log your systems produce is not sufficient. Logs produced by systems and applications must answer the questions “who,” “what,” and “when.” Logs should allow a company to understand how a security incident happened after the fact. Actionable log events may enable active monitoring so that a company can react to incidents quickly and prevent additional damage. Move event logs to a secure, centralized storage system to protect against log tampering.
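One way to check the "who, what, when" requirement above against actual log output, as an added example that is not part of the original article. It assumes JSON-formatted events with the hypothetical field names `actor`, `action` and `timestamp`, and treats a timestamp without a time zone as not answering "when".

```python
import json
from datetime import datetime

# Assumed field names (not from the article): who=actor, what=action, when=timestamp.
REQUIRED = {"who": "actor", "what": "action", "when": "timestamp"}
PLACEHOLDERS = {"", "-", "unknown", "n/a", "null"}  # values that answer nothing

def _has_zone(ts):
    """True if ts is ISO 8601 with an explicit UTC offset, so events from
    different systems can be ordered without guessing the time zone."""
    try:
        parsed = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    except ValueError:
        return False
    return parsed.tzinfo is not None

def audit_gaps(line):
    """Return which of who/what/when a JSON log line fails to answer."""
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return list(REQUIRED)  # free text: nothing machine-readable
    if not isinstance(event, dict):
        return list(REQUIRED)
    gaps = []
    for question, field in REQUIRED.items():
        value = event.get(field)
        if not isinstance(value, str) or value.strip().lower() in PLACEHOLDERS:
            gaps.append(question)
        elif question == "when" and not _has_zone(value):
            gaps.append(question)
    return gaps

def review(lines):
    """Map 1-based line number -> unanswered questions, for incomplete lines only."""
    return {n: g for n, line in enumerate(lines, start=1) if (g := audit_gaps(line))}

# Constructed sample events, not taken from any real system.
SAMPLE = [
    '{"timestamp": "2024-05-01T12:00:03Z", "actor": "alice", "action": "login"}',
    '{"timestamp": "2024-05-01 12:00:09", "actor": "bob", "action": "read /payroll"}',
    '{"timestamp": "2024-05-01T12:01:00+00:00", "actor": "-", "action": "delete record 17"}',
    'disk usage at 91%',
    '{"timestamp": "2024-05-01T12:02:00Z", "actor": "svc-backup"}',
]

if __name__ == "__main__":
    for number, gaps in review(SAMPLE).items():
        print(f"line {number}: missing {', '.join(gaps)}")
```

Running a check like this on a sample from each log source before an incident shows which sources would leave gaps in a later investigation.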
Companies are collecting and maintaining more sensitive data than ever. If you want your company’s data to stay safe, it’s important to keep up with the best security practices and implement them. It is crucial to have a robust cybersecurity policy that adheres to best practices across several security domains to keep this data secure.