Before we get started, let's define what we're talking about. The term security breach can conjure up all sorts of meanings, but I'd like to focus on how it relates to information technology. So, by definition:
Security breach: A situation where an individual intentionally gains or misuses network, system, or data access in a manner that negatively affects the security of the organization's data, systems, or operations.
When it comes to data breaches, the risk for organizations is high, from the easily calculated costs of notification and business loss to the less tangible effects on a company's brand and customer loyalty.
Let's look at some ways that will significantly increase the effort required to breach the security of your network and computers.
Change Default Passwords
It's surprising how many devices and applications are protected by default usernames and passwords. Attackers are also well aware of this phenomenon. Not convinced? Run a Web search for default passwords, and you will see why they need to be changed. Using a good password policy is the best way to go, but any character string other than the default offering is a huge step in the right direction.
Never Reuse Passwords
More than once, you have probably run into situations where the same username/password combination was used over and over because it's easier. But if you know this, I'm pretty sure the bad guys do as well. If they get their hands on a username/password combination, they're going to try it elsewhere. Do not make it that easy for them.
Look Beyond IT Security While Assessing Your Company's Data Breach Risks
To eliminate threats throughout the organization, security must reach beyond the IT department. A company must evaluate employee exit strategies (HR), remote project protocol, on- and off-site data storage practices, and more, then establish and enforce new policies, procedures, and physical safeguards appropriate to the findings.
Establish A Comprehensive Data Loss Protection Plan
Your efforts will demonstrate to consumers and regulators that your organization has taken anticipatory steps to address data security threats. Disseminate this plan through the management structure to ensure everyone knows what to do in the event of a breach.
Examine Security Logs
Good administrators know about baselining and try to review system logs on a daily basis. Since this article deals with security breaches, I'd like to place special emphasis on security logs, as they're the first line of defense.
Do Regular Network Scans
Comparing regular network surveys to an operational baseline inventory is invaluable. It allows the administrator to know at a glance if and when any rogue equipment has been installed on the network.
One method of scanning the network is to use the built-in Microsoft command net view. Another option is to use freeware programs like NetView. They're typically in a GUI format and tend to be more informative.
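The baseline comparison described above, as an added example that is not part of the original article: it parses the text that net view prints and diffs the computer names against a stored inventory. The sample output, the baseline names, and the function names are all constructed for illustration.

```python
import re

# Constructed sample of `net view` output (not captured from a real network).
SAMPLE_NET_VIEW = r"""Server Name            Remark

-------------------------------------------------------------------------------
\\FILESRV01            File server
\\HR-LAPTOP-07
\\PRINTSRV             Second floor printers
\\wks-0231
The command completed successfully.
"""

# Constructed baseline inventory: hosts the administrator expects to see.
BASELINE = {"FILESRV01", "HR-LAPTOP-07", "PRINTSRV", "MAILSRV"}

# A host line starts with two backslashes followed by the computer name.
HOST_LINE = re.compile(r"^\\\\(\S+)")


def parse_net_view(text):
    """Return the set of computer names listed in `net view` output."""
    hosts = set()
    for line in text.splitlines():
        match = HOST_LINE.match(line.strip())
        if match:
            # Computer names are case-insensitive, so normalise before comparing.
            hosts.add(match.group(1).upper())
    return hosts


def compare_to_baseline(seen, baseline):
    """Split a scan into hosts not in the inventory and inventory hosts not seen."""
    baseline = {name.upper() for name in baseline}
    return {
        "unexpected": sorted(seen - baseline),  # possible rogue equipment
        "missing": sorted(baseline - seen),     # offline, renamed, or removed
    }


if __name__ == "__main__":
    report = compare_to_baseline(parse_net_view(SAMPLE_NET_VIEW), BASELINE)
    for kind, names in report.items():
        print(f"{kind}: {', '.join(names) or 'none'}")
```

net view lists only computers that announce themselves to Windows network browsing, so an empty "unexpected" list does not prove that nothing new was plugged in.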
Provide Training and Technical Support to Mobile Workers
Ensure that the same standards for data security are applied regardless of location, by providing mobile workers with straightforward policies and procedures, ensuring security and authentication software is installed on mobile devices and kept up-to-date, and providing adequate training and technical support for mobile workers.
Keep Security Software Updated (Or Patched)
An unpatched system is, by definition, operating with a weak spot just waiting to be exploited by hackers. Admittedly, applying patches takes time and resources, so senior management must provide guidance on allotments and expectations.
Do Not Rely on Encryption as Your Only Method of Defense
Encrypting data in transit and at rest is a best practice, but, when used alone, it can give businesses a false sense of security. Although the majority of state statutes require notification only if a breach compromises unencrypted personal information, professionals can and do break encryption codes.
Monitor Outbound Network Traffic
Malware is becoming sophisticated enough to avoid detection. One method of exposing it is monitoring outbound network traffic. Suspicions should be raised when the number of outbound connections or the amount of traffic deviates from normal baseline operation. To tell the truth, it may be the only indication that sensitive information is being stolen or that an email engine is actively spamming.
These methods are simple to implement and will certainly go a long way towards making it more difficult for a security breach to occur.