It seems that almost every month we are told of yet another high-profile security breach in which sensitive data is leaked, either for profit or accidentally. In almost every case, the end result of these data leaks is damage to the reputation and/or bottom line of the organisations involved. Whilst there is no way to completely remove the risks of a data breach occurring in your organisation, there are certain steps you can take to mitigate them. In this article, we will discuss 3 important steps you can take to help prevent data leakage.
1. Know where your sensitive data resides
The first step towards preventing data leakage is to identify your sensitive data and where it is residing in your critical systems. Once you have identified your sensitive data, you can then categorise it in order of what requires the most amount of protection. Once data is classified, you can make use of Data Loss Prevention (DLP) software to firm up their security strategy. The details of such a strategy will vary based on industry and how you classify your information. For more information on this, click here.
2. Audit, monitor and alert on critical changes
Arguably the most important step you can take to prevent data leakage is to ensure you have continuous and pro-active strategy to monitor changes taking place in your infrastructure that affect your sensitive data. Our surveys continually find that over 60% of organisations do not have an adequate strategy in place for change auditing. The result of this is that if critical changes did take place, they would go undetected until the effects of the data leakage incident started to manifest.
Nowadays, it is nonsensical to rely on native auditing processes alone for monitoring critical changes, as the process is too time-consuming and the logs produced contain too much noise to make any sense of. It simply doesn’t make sense to rely on native auditing when there are so many audit solutions on the market today that simplify these processes at cost-effective prices. LepideAuditor is one such solution that audits and monitors all changes taking place to sensitive data in critical servers and to permissions of your users. It notifies you of these changes through a combination of real time alerts and pre-defined reports. Using a solution like this to monitor user activities and permission states, combined with a DLP solution for network and endpoints, helps you prevent data leakage before it escalates.
3. Consider encrypting your data
While not 100% impenetrable, encrypting your confidential data remains one of the best ways to keep data secure. If you have a well thought through and executed encryption and key management process, then any data that is stolen or leaked will be unreadable. Encryption simply adds another layer of protection to compliment the rest of your strategy.
Fighting against data leakage is an ongoing battle that requires constant vigilance. There are so many ways to help prevent data leakage that it would be impractical to list them all in one article. The ones included here are just some of the steps you can take that I believe to be the most important. They are simple, easy to do and inexpensive if you search around for the right solution.