As organizations store ever more data and IT environments become ever more complex, the challenges faced by IT managers can become overwhelming, to the point where many are experiencing high levels of stress.
With the average cost of a data breach at around $4m, not to mention the potentially irreparable damage that could be done to the organization’s reputation, there’s really no margin for error. So how can IT managers deal with the increasing number of security threats and compliance requirements?
Below are a few pointers:
1. Be Realistic About Your Goals
Establishing a culture of security, integrating new technologies, and refining procedures and policies are not things that will happen overnight. They require a lot of time, effort and resources, and while there may not be any immediate reward for doing so, it will pay off in the long term.
2. Know Your Technologies Inside and Out
IT managers must spend time learning about all of the technologies and platforms they use. Whilst utilizing SaaS and automating complex processes can help to free up resources, they can also bring with them new security threats.
These days, more and more organizations are using cloud-based services for storing sensitive data, which, if not configured properly, can result in a data breach. For example, there have been a number of reported breaches caused by unsecured Amazon S3 buckets, most of which were simply the result of organizations failing to restrict access to the buckets containing sensitive data.
IT managers will need to ensure that S3 access control lists (ACLs) have been carefully reviewed, and if possible, use a tool that can automatically scan their cloud environment for security misconfigurations. Additionally, it’s a good idea to use Multi-Factor Authentication (MFA) for added security when using cloud services.
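As an added illustration of the ACL review described above (not code from the original article or from any vendor), the sketch below checks bucket ACL documents for grants to the two predefined S3 groups that expose a bucket publicly, plus grants to accounts other than the owner. It assumes ACLs in the JSON shape returned by `aws s3api get-bucket-acl`; the function name, bucket names and account IDs are constructed for the example.

```python
# Flag S3 bucket ACL grants that expose a bucket beyond its owner account.
# Predefined S3 grantee groups that make a grant public or near-public.
RISKY_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account holder",
}
# Permissions that allow changing objects or the ACL itself.
WRITE_LEVEL = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}

def review_acl(bucket, acl):
    """Return findings as (bucket, severity, permission, who) tuples."""
    findings = []
    owner_id = acl.get("Owner", {}).get("ID")
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        perm = grant.get("Permission", "")
        uri = grantee.get("URI")
        if grantee.get("Type") == "Group" and uri in RISKY_GROUPS:
            severity = "critical" if perm in WRITE_LEVEL else "high"
            findings.append((bucket, severity, perm, RISKY_GROUPS[uri]))
        elif grantee.get("Type") == "CanonicalUser" and grantee.get("ID") != owner_id:
            # Cross-account grant: not public, but it should be a known party.
            findings.append((bucket, "review", perm, "external account " + str(grantee.get("ID"))))
    return findings

# Constructed sample ACLs (hypothetical buckets and account IDs).
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
SAMPLE_ACLS = {
    "example-hr-exports": {
        "Owner": {"ID": "owner-aaa"},
        "Grants": [
            {"Grantee": {"Type": "CanonicalUser", "ID": "owner-aaa"}, "Permission": "FULL_CONTROL"},
            {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
        ],
    },
    "example-partner-drop": {
        "Owner": {"ID": "owner-aaa"},
        "Grants": [
            {"Grantee": {"Type": "CanonicalUser", "ID": "owner-aaa"}, "Permission": "FULL_CONTROL"},
            {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "WRITE"},
            {"Grantee": {"Type": "CanonicalUser", "ID": "partner-bbb"}, "Permission": "READ"},
        ],
    },
}

if __name__ == "__main__":
    for name, doc in sorted(SAMPLE_ACLS.items()):
        for finding in review_acl(name, doc):
            print(finding)
```

ACLs are only one of the controls on a bucket, so a clean result here does not cover bucket policies or account-level public access settings.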
3. Know Which Regulations Apply to Your Organization
It may have taken a while, but governments across the globe are finally starting to understand the importance of data security and privacy. IT managers will need to ensure that they know exactly which regulations apply to them and prioritize accordingly. For example, if their organization is storing data belonging to EU citizens, they will need to comply with the General Data Protection Regulation (GDPR). A failure to do so could result in fines of up to €20 million.
4. Know Where Your Sensitive Data Resides
IT managers will need to make sure they know exactly where their sensitive data is located. There are data discovery tools available that can automatically discover and classify a wide range of data types, which will make the process much easier.
5. Monitor Privileged Accounts and Access to Sensitive Data
IT managers must ensure that they know exactly who has access to what data, and when. They will need to monitor changes made to privileged accounts, and know how their critical data is being accessed, modified, copied, moved or deleted. Given the limitations of native server logs, they will need to use a third-party solution which provides real-time alerts and customizable reports.
LepideAuditor is a Data Security Platform that allows IT teams to monitor permissions and analyze user behavior in relation to sensitive data. Real-time alerts and reports can be generated instantly to keep you in the know.
6. Review and Monitor Third Parties
Due diligence is required when working with third-party contractors and vendors. IT managers will need to carry out a rigorous assessment of the security practices adhered to by the entities in question. The assessment will need to include financial audits, and details about any contracts, historical security incidents and potential claims made against them.
7. Have an Incident Response Plan (IRP) in Place
Every organization should have an IRP to help them recover from security incidents in a timely manner and meet the relevant compliance mandate. The IRP will need to be thoroughly tested and periodically reviewed.
Data security and privacy is a continuing process. All stakeholders, whether they are employees, contractors, vendors or even customers, should be educated to ensure that they know their role in keeping their data secure. Naturally, it is a good idea to employ qualified and experienced cyber-security professionals. Finally, in the event of a security incident, IT managers must ensure that they communicate promptly, regularly and effectively with their customers, in order to maintain their trust.