Going by the recent reports of data security breach even in the big multinational companies, we are facing a strong and stark reality that we are not effectively stopping the bad guys from breaking into our systems with malicious intent of stealing data. If you are left wondering why even the big companies have failed in providing Enterprise security to their data then know that securing information is hard. That is because, when the product is designed, it is made marketable first and security is an after-thought process. Traditional firewalls no longer hold good as means of security and since the notion of a perimeter has long ceased, it becomes tough task to manage and access data. But the main shield against the fight with the cybercriminals is constant monitoring and commitment.
Here are the 4 simple ways that will go a long way in protection of confidential data of organizations:
The first thing that tops the list of data security is enabling multi-factor authentication. When a user logs in to a mobile device, web-based service or an email account, he is supposed to enter the username and password. The password is the first step in verifying and securing your identity. MFA (Multi-Factor-Authentication) is when it prompts the user to an additional factor to prove the identity. Examples of multi-factor authentication include the OTP or the one-time-password that is received as an SMS text on your mobile. This text contains a unique code that is supposed to be used in the login process. This generated code will be different every time the user logs in. Simply put, this MFA adds that extra layer of security against data thefts. This of course may seem lengthier to you, but it is very essential in some sectors like finance and banking where money is involved. Many services like Facebook, Google/Gmail and plenty of other services including banks provide this service of MFA often called the two-step authentication.
The main advantage for the hackers once they gain entry to the user account is the vast data available on it. The users, for reasons whatsoever, never ever delete the data that they think would put them in risk of theft. So pay particular attention to emails and documents which contain sensitive information and delete that as soon as possible from the account. Data like bank statements, tax returns or anything related to finance can be easily accessed by the hacker and the best way to avoid this is to simply press that ‘delete’ button promptly.
Imagine a scenario where you have used the same password for many of your accounts. Of course, you have done it because you cannot manage passwords for multiple accounts. Now due to some recent breaches, your password has fallen into the hacker’s hands. The hackers have automated tools that will use your password combination across hundreds of websites. When they get a hit, imagine the havoc that they cause by gaining entry either to your ecommerce website or banking account. The damage spreads quickly and easily even before you can comprehend the severity of it. So even though using different passwords is a tough task, it has to be followed diligently so that the enterprise security is not at stake.
Passphrases, of late, are becoming popular than the typical eight character password filled with special characters, alphabets and numbers. The passwords when filled with all the above are notoriously hard to remember and are increasingly becoming easier to hack. So then it is no surprise that practices are moving to passphrases. A passphrase is a few strings that you attach together which necessarily does not make sense to be a complete sentence. It is larger than 8 characters, but makes complete nonsense to the hackers. It might be your favorite quote or a song or what your mom used to tell you often which only you would be aware of. Passphrase also contains spaces in between or special characters or numbers and symbols. The difference is that while password doesn’t make sense, passphrase even though lengthier makes complete sense to the user.
These are the 4 basic ways to secure your enterprise, thus reducing data thefts and to increase Enterprise security; another security blanket can be in the form of Cloud Access Security Broker (CASB) solutions.