DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Zones

Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Related

  • Network Guardians: Crafting a Spring Boot-Driven Anomaly Detection System
  • Significance of CMDB in Device Visibility To Control Unauthorized Access in Banks
  • Using Data Diodes for One-Way Information Transfer and Preventing Data Leaks
  • Post-Pandemic Cybersecurity: Lessons Learned and Predictions

Trending

  • Rust: The Must-Adopt Language for Modern Software Development
  • Top NoSQL Databases and Use Cases
  • Designing Microservices Architecture With a Custom Spring Boot Starter and Auto-Configuration Framework
  • Maximizing Productivity: GitHub Copilot With Custom Instructions in VS Code
  1. DZone
  2. Data Engineering
  3. Data
  4. 15 Preventative Measures For Avoiding A Data Breach

15 Preventative Measures For Avoiding A Data Breach

In this article, we give a quick overview of 15 security best practices that your organization should follow to prevent security issues, such as data breaches.

By 
Sheza Gary user avatar
Sheza Gary
·
Aug. 15, 17 · Analysis
Likes (1)
Comment
Save
Tweet
Share
4.2K Views

Join the DZone community and get the full member experience.

Join For Free

As more and more data breaches occur every day, it’s become more of a “when” you’ll be hit instead of an “if” you’ll be hit situation. This means you’ve got to be prepared to deal with the data breach when it comes. Even the best security isn’t perfect, and hackers are coming up with new and effective methods of attack every day. Fortunately, there are some things you can do to help avoid a data breach. These 15 measures will prevent many of the most common attacks on your network, keeping you safe for another day.

1. Make Sure You’re Not Accidentally Revealing Personal Information

In today’s world of social media and online networking, it’s easy to accidentally post information that a hacker can use to gain access to your account. Even something as simple as your home address and phone number may let someone gain access to additional information about you that could be used to steal your identity. Always make certain that all personal information is kept secured, especially personal information that is not your own.

2. Transfer as Little Data as Possible

One of the sources of many client side threats is the transfer of data. The less you move data from one device or network to another, the better. There’s always a chance your data could be hijacked when being transferred from one system to another. Even putting it on something like a USB drive or external hard drive isn’t safe if the physical hardware is lost. Paper copies, likewise, can be misplaced, so make sure they are kept secure and only removed from their designated storage area when needed.

3. Don’t Allow Downloading

Some people will need to download information from the internet, of course, but make sure any files that you won’t need can’t be downloaded. For example, no one should be downloading apps or executable files. Since many viruses come through these files, restricting them can greatly help cut back on cyberattacks. This is especially true in email programs where hackers often spoof legitimate emails in an attempt to get employees to download files.

4. Wipe Old Computers Clean

When upgrading your hard drives and computers, make certain all information is completely wiped from them. Leaving any information on physical drives, even if you trust the people who are collecting them, leaves you open for attack since you have no control over the security of these components once they leave your office. This extends to physical files, too. If you’re going for zero attacks, make sure you shred all paper copies of information once it’s no longer needed.

5. Do Not Allow Any Unencrypted Devices

If a device does not encrypt data, it should not be allowed to connect to your network. This includes employee laptops, smartphones, tablets, and other devices. Keep anything without security from connecting to your network so that viruses cannot easily be spread.

6. Make Use of Secure Couriers

Need to send data to someone via a USB drive or other type of hardware? While most network security threats do come from the internet, you should never assume data is safe just because it’s being transferred via some other method. Make sure the couriers you use are trustworthy and that all information is secured in a tamper-proof package.

7. Use Strong Passwords

There are still people out there who use basic passwords that don’t include capital letters, numbers, or symbols. Make sure employees understand what a good password is and require them to regularly change passwords.

8. Automate Your Security

When your security is automated, you don’t have to worry about it. Your system will automatically check the configuration of your firewall and server, plus it can make certain that passwords haven’t been changed under suspicious circumstances.

9. Identify the Threats

Do you know what a suspicious activity on your network looks like? If not, you may not know when your network is under attack. Using a program such as Razorback, an open source threat framework, will help detect threats on the client side, including malware and zero day exploits. Including programs like this on your network adds another layer of protection.

10. Watch for Data Leakage

You should regularly look at your security controls to check to see if any of your company’s private data has somehow become public. Make sure all of your security settings are set as they should be – hackers sometimes slip in and, instead of stealing all of your data, they simply turn off your security. Make sure that’s not happening and that all of your information is still secure.

11. Track Your Data

Do you know where your data is moving to? Watching where, when, and how it’s being moved can help you determine when your sensitive data is being used in ways it should not be. This also lets you see which accounts may have been compromised.

12. Define Who Has Access

Do you know who should have access to your sensitive information? By defining access, you can make certain that people who do not need to be able to get to sensitive information cannot. This will help cut back not just on hackers getting into your data but also on employees accidentally seeing information they should not.

13. Train Your Team

It can be hard to keep up on the latest security threats, but if you are continually training your employees on internet security and privacy, it will help make them aware of what malicious methods hackers are currently using and how to defeat them.

14. Close Any Entrances That Don’t Need to be Open

One way into and out of your network is much safer than having multiple entrances. Shut down any entrances that a hacker might use to help secure your data as much as possible.

15. Have a Plan

What will you do if your data is breached? The final step in protecting your company is to have a response plan. You should know who will contact the staff, what you’ll do about the lost information, how you’ll restore it if needed, and what your public response will be.

Data (computing) security Measure (physics) Network

Opinions expressed by DZone contributors are their own.

Related

  • Network Guardians: Crafting a Spring Boot-Driven Anomaly Detection System
  • Significance of CMDB in Device Visibility To Control Unauthorized Access in Banks
  • Using Data Diodes for One-Way Information Transfer and Preventing Data Leaks
  • Post-Pandemic Cybersecurity: Lessons Learned and Predictions

Partner Resources

×

Comments

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • [email protected]

Let's be friends: