Data security has a lot of parallels with health & safety risk mitigation. Thirty or forty years ago, health and safety laws were more limited in scope, and accidents were more prevalent. Over time, things like PPE, processes and checklists have become part of a business’ routine. While they add an administrative burden, they have also undoubtedly kept people safe.
Data security measures are much the same. While there’s no way to eliminate the risk of online intrusion, a range of measures now exist to prevent it. With each measure creating a more cumbersome experience for users, cybersecurity is often a process of weighing up the risks, and implementing security measures in a way that minimises disruption to your business.
The Risks of Online Intrusion
Online intrusion is one of the most present and potent threats to your business. With servers often being available to access 24/7, your data needs to be protected at all times, and from numerous angles of attack. Fail to do so, and you could find critical files and information being stolen or ransomed, or systems becoming inoperative.
Preventing intrusion means scanning your networks for vulnerabilities. This usually takes three forms: an external scan, a host scan, and a network infrastructure scan. The external scan is the most basic, and looks at the ways an unauthenticated user could gain access to your network from the outside. This includes scanning for open ports that could be used to access your services, and see if they have security vulnerabilities.
The second common means of vulnerability scanning is on host. This will use an authenticated login to scan the network from the inside, allowing for all the services on the network to be scanned. Finally, a network infrastructure scan looks for vulnerabilities in the network hardware from the management interface of the equipment itself, a comprehensive process that often requires some setup and planning.
Changing user behaviour
Despite the tangible threat of hacking, the majority of data breaches are the result of admin accounts being compromised. As such, limiting the use of accounts with administrative privileges – and maintaining the security of these accounts – is the first and most important step in preventing online intrusion.
The easiest thing you can do to prevent intrusion is to use a complex password, and to keep this password safe. While a combination of numbers, letters and symbols is good, security experts increasingly recommend the use of an obtuse phrase (e.g. ArticleTeachesToAv0idBreaches), as this is equally secure and more memorable.
Changing behaviour also means changing policies. Having company policies in place to ensure that files are disposed of securely, that only approved files are downloaded or uploaded, that remote access takes place in a secure manner, and that company hardware is only used to access specific materials will all help to limit your exposure to risks, and help to instil a more safety conscious mindset in your organisation.
Patch and protect
While the biggest weakness of any system is the people who use it, the system itself also needs to be protected. Hackers are constantly probing software for vulnerabilities just as security professionals are, and this can lead them to find issues which can be exploited. This causes a perpetual race between software developers and cybercriminals, where the developers seek to spot security holes first, and fix any that come to their attention.
By regularly scanning for vulnerabilities and keeping in the loop in regards to software updates, you can ensure that security flaws are quickly patched, preventing new vulnerabilities from being exploited. This applies to any services which are exposed to the internet, regardless of what you use them for. A computer which is internet-connected only for the purpose of one piece of software is no less vulnerable than one that’s used for frequent browsing.
If vulnerabilities are comparable to holes in your interior wall, there are other walls you can put up to block unauthorised access. Establishing firewalls for web applications will prevent them from sending or receiving certain kinds of traffic on certain ports. As some ports and traffic protocols are more vulnerable to access than others, this can provide a simple safeguard against many attacks, stopping them before they can test your security.
Another important aspect of network protection is DDoS protection. Short for distributed denial of service, a DDoS attack involves bombarding a network with a huge number of simultaneous requests from different sources, constituting a huge amount of data. Commonly used to make websites inoperable, a DDoS attack can in extreme cases be used to hold businesses to ransom. DDoS protection helps to identify these sources of ‘bad faith’ traffic, and prevents them from clogging up your bandwidth, keeping your site online and functional.
Protocols and authentication
Device encryption is a fundamental part of data security, and prevents all or some of the files and folders on a device from being accessed. Anyone who tries to access or steals the data will be unable to decipher it without the recovery key or password. What encryption can’t do is protect data that is sent from one device to another, whether that’s over the internet or a local area network. In these cases, it’s important to apply encryption to protocols as well.
Protocols dictate how devices communicate with one another, and are the foundation on which the internet is built. Secure protocols utilise encryption to mask the data that is being transmitted, preventing anyone from accessing or deciphering the data en route to its recipient (what’s known as a ‘man in the middle’ attack).
Different secure protocols exist for different functions, such as TLS (for web, FTP and email), IPsec (VPNs) and SSH (remote access). For instance, whenever you see a website that uses HTTPS, this is normally being secured by TLS, which applies secure algorithms to the HTTP traffic. Ensuring that all applications are using these secure protocols to transmit and receive data will help to prevent data breaches that occur outside of your network.
If login credentials do become compromised – something it’s difficult to prevent entirely – there are also added layers of protection that can be implemented. Multi-factor authentication (MFA) is a simple method that prevents a compromised password from granting complete access to a system. Common on many websites, MFA requires several layers of authentication on top of a password, such as using an authenticator app on your phone, or receiving a password via email.
These are just a few of the methods that are commonly used to secure businesses from the prospect of online intrusion, and the illegal access of company data. By employing the services of an IT security specialist, you can undertake a comprehensive scan of your network security, locating weak points and implementing critical security reforms. While these may add some steps to your usual processes, you’ll have the peace of mind of knowing your confidential data is safe – securing your network and your business’ future.
Sota is an IT company based in Kent and is one of the UK’s leading independent providers of professional IT support services, cloud computing, cyber resilience, connectivity, and unified communications. Having worked with countless businesses over the years, they are experts in their field, ready to advise and offer tailored solutions for each and every company.