Businesses of all sizes have certain sets of sensitive, mission-critical data that they need to have ready access to. Without access to such corporate data, operations cannot continue smoothly, and the business suffers.
But while it’s important to ensure this data is accessible, it’s just as necessary to protect corporate data from illicit access.
Data breaches can cost a business dearly as operations are disrupted, customer trust is lost, and reparations are made to those affected by the breach.
With this in mind, how can businesses protect corporate data in their enterprise?
Here are a few steps that businesses can take to protect their data:
Step 1: Keep All Business Systems Up-to-Date with the Latest Security Patches
While there are hundreds of thousands of new malware threat signals being created each day, many of these threats rely on old vulnerabilities and exploits that already have patches.
As noted in a Wall Street Journal article on protecting corporate data, “in 2014, a third of the new hacking tools discovered by security researchers at Hewlett-Packard Co. relied on exploiting a flaw in Microsoft Corp.’s Windows that was discovered in 2010. Microsoft issued a patch long ago, which should have covered the chink in the digital armor.”
Consider that, according to reports cited by CNN Money, “more than 317 million new pieces of malware” were released that same year. This means that over 100 million malware attacks could have been foiled if companies had applied a single patch to their software.
However, keeping all software up-to-date with the latest security patches can be difficult. Computer software is complicated, and a patch that works fine on one business system running a specific set of applications may cause issues on another system. This is why many businesses spend significant time and effort on testing patches before applying them to their entire operation.
Step 2: Limit Access to Business Systems
Internal attacks remain a significant concern for businesses. Whether these attacks are the result of intentional employee malfeasance, accidents, or compromised user accounts, they can cause serious damage.
To protect sensitive corporate data from internal attacks, businesses need to restrict the access employees have to business systems as much as possible without affecting their ability to do their job.
By restricting an employee’s access to just the databases and apps they need to fulfill their job role, businesses can drastically reduce the damage that an internal attack will cause, regardless of whether the attack is carried out by the employee or by a hacker who compromised the employee’s user account.
Furthermore, any time that an employee is terminated, their user access to the business’s systems should be immediately revoked. This can help prevent the employee from abusing their user credentials after they leave the company.
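One way to check both rules from this step, shown as an added example that is not part of the original article: the script compares an HR roster with an account export and flags enabled accounts that belong to terminated employees, accounts with no owner on the roster, and access beyond what the role needs. The roster, role names, systems and account records are all constructed for illustration.

```python
"""Access review for least privilege and offboarding. All data is constructed."""

# Hypothetical mapping: role -> systems that role needs.
ROLE_ENTITLEMENTS = {
    "accountant": {"ledger_db", "payroll_app"},
    "support": {"ticketing_app", "crm_db"},
    "developer": {"source_repo", "staging_db"},
}
# Constructed HR roster: user -> (role, employment status).
HR_ROSTER = {
    "alice": ("accountant", "active"),
    "bob": ("support", "active"),
    "carol": ("developer", "terminated"),
    "erin": ("support", "terminated"),
}
# Constructed account export from a hypothetical identity system.
ACCOUNTS = [
    {"user": "alice", "enabled": True, "grants": {"ledger_db", "payroll_app"}},
    {"user": "bob", "enabled": True, "grants": {"crm_db", "payroll_app"}},
    {"user": "carol", "enabled": True, "grants": {"source_repo"}},
    {"user": "dave", "enabled": True, "grants": {"crm_db"}},
    {"user": "erin", "enabled": False, "grants": {"crm_db"}},
]


def review_access(roster, entitlements, accounts):
    """Return sorted (user, finding, detail) tuples for enabled accounts."""
    findings = []
    for acct in accounts:
        user = acct["user"]
        if not acct["enabled"]:
            continue  # already revoked; nothing to flag
        if user not in roster:
            findings.append((user, "no_hr_record", "enabled account has no owner"))
            continue
        role, status = roster[user]
        if status != "active":
            findings.append((user, "revoke_now", f"employee {status}, account enabled"))
            continue
        # Least privilege: anything beyond the role's needs is excess.
        excess = acct["grants"] - entitlements.get(role, set())
        if excess:
            findings.append((user, "excess_access", ",".join(sorted(excess))))
    return sorted(findings)


if __name__ == "__main__":
    for row in review_access(HR_ROSTER, ROLE_ENTITLEMENTS, ACCOUNTS):
        print(*row, sep="\t")
```

A role missing from the entitlement map is treated as needing nothing, so every grant held by that user is reported as excess rather than silently accepted.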
Step 3: Take Unused IT Assets Offline
Taking old or unused IT assets, such as computers and servers that are no longer needed, offline can help close some online “doors” that hackers might use to get in.
As noted in the WSJ.com article mentioned earlier, the government-run HealthCare.gov insurance exchange got hacked:
“through a Web-development server connected to more sensitive parts of the network. The server wasn’t supposed to be online, so it didn’t have the same protections as other HealthCare.gov machines.”
Removing unused assets from the network helps to limit the number of devices a company has to track and reduces the number of entry points a hacker can take advantage of. Wiping these devices of data according to data security standards helps to further secure corporate data.
Step 4: Apply Encryption to All Sensitive Data
Encryption of data-at-rest and data-in-flight helps keep hackers from being able to use any of the information they may manage to capture. Encryption helps scramble data so that it cannot be read without the right encryption key, preventing illicit access.
While encryption may not stop all hackers from being able to read the data, it can at least slow them down, buying time for the company. This time can mean the difference between being able to notify consumers which pieces of data have been compromised and what steps they need to take to protect their identities, and having consumers get their first warning in the form of fraudulent charges to their bank accounts.
These are just a few of the things that businesses can do to protect corporate data from hackers and thieves. However, taking these steps can have a significant impact on the strength of a company’s data protection.