Over a million developers have joined DZone.

15 Preventative Measures For Avoiding A Data Breach

DZone 's Guide to

15 Preventative Measures For Avoiding A Data Breach

In this article, we give a quick overview of 15 security best practices that your organization should follow to prevent security issues, such as data breaches.

· Security Zone ·
Free Resource

As more and more data breaches occur every day, it’s become more of a “when” you’ll be hit instead of an “if” you’ll be hit situation. This means you’ve got to be prepared to deal with the data breach when it comes. Even the best security isn’t perfect, and hackers are coming up with new and effective methods of attack every day. Fortunately, there are some things you can do to help avoid a data breach. These 15 measures will prevent many of the most common attacks on your network, keeping you safe for another day.

1. Make Sure You’re Not Accidentally Revealing Personal Information

In today’s world of social media and online networking, it’s easy to accidentally post information that a hacker can use to gain access to your account. Even something as simple as your home address and phone number may let someone gain access to additional information about you that could be used to steal your identity. Always make certain that all personal information is kept secured, especially personal information that is not your own.

2. Transfer as Little Data as Possible

One of the sources of many client side threats is the transfer of data. The less you move data from one device or network to another, the better. There’s always a chance your data could be hijacked when being transferred from one system to another. Even putting it on something like a USB drive or external hard drive isn’t safe if the physical hardware is lost. Paper copies, likewise, can be misplaced, so make sure they are kept secure and only removed from their designated storage area when needed.

3. Don’t Allow Downloading

Some people will need to download information from the internet, of course, but make sure any files that you won’t need can’t be downloaded. For example, no one should be downloading apps or executable files. Since many viruses come through these files, restricting them can greatly help cut back on cyberattacks. This is especially true in email programs where hackers often spoof legitimate emails in an attempt to get employees to download files.

4. Wipe Old Computers Clean

When upgrading your hard drives and computers, make certain all information is completely wiped from them. Leaving any information on physical drives, even if you trust the people who are collecting them, leaves you open for attack since you have no control over the security of these components once they leave your office. This extends to physical files, too. If you’re going for zero attacks, make sure you shred all paper copies of information once it’s no longer needed.

5. Do Not Allow Any Unencrypted Devices

If a device does not encrypt data, it should not be allowed to connect to your network. This includes employee laptops, smartphones, tablets, and other devices. Keep anything without security from connecting to your network so that viruses cannot easily be spread.

6. Make Use of Secure Couriers

Need to send data to someone via a USB drive or other type of hardware? While most network security threats do come from the internet, you should never assume data is safe just because it’s being transferred via some other method. Make sure the couriers you use are trustworthy and that all information is secured in a tamper-proof package.

7. Use Strong Passwords

There are still people out there who use basic passwords that don’t include capital letters, numbers, or symbols. Make sure employees understand what a good password is and require them to regularly change passwords.

8. Automate Your Security

When your security is automated, you don’t have to worry about it. Your system will automatically check the configuration of your firewall and server, plus it can make certain that passwords haven’t been changed under suspicious circumstances.

9. Identify the Threats

Do you know what a suspicious activity on your network looks like? If not, you may not know when your network is under attack. Using a program such as Razorback, an open source threat framework, will help detect threats on the client side, including malware and zero day exploits. Including programs like this on your network adds another layer of protection.

10. Watch for Data Leakage

You should regularly look at your security controls to check to see if any of your company’s private data has somehow become public. Make sure all of your security settings are set as they should be – hackers sometimes slip in and, instead of stealing all of your data, they simply turn off your security. Make sure that’s not happening and that all of your information is still secure.

11. Track Your Data

Do you know where your data is moving to? Watching where, when, and how it’s being moved can help you determine when your sensitive data is being used in ways it should not be. This also lets you see which accounts may have been compromised.

12. Define Who Has Access

Do you know who should have access to your sensitive information? By defining access, you can make certain that people who do not need to be able to get to sensitive information cannot. This will help cut back not just on hackers getting into your data but also on employees accidentally seeing information they should not.

13. Train Your Team

It can be hard to keep up on the latest security threats, but if you are continually training your employees on internet security and privacy, it will help make them aware of what malicious methods hackers are currently using and how to defeat them.

14. Close Any Entrances That Don’t Need to be Open

One way into and out of your network is much safer than having multiple entrances. Shut down any entrances that a hacker might use to help secure your data as much as possible.

15. Have a Plan

What will you do if your data is breached? The final step in protecting your company is to have a response plan. You should know who will contact the staff, what you’ll do about the lost information, how you’ll restore it if needed, and what your public response will be.

security ,data security ,insider threat ,security best practices

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}