The impact of data breaches for businesses can result in a loss of trust or reputation for the businesses. In some cases, cyber criminals may put the stolen data online for sale or use it to demand ransom from the businesses or individuals involved.
To reduce the risks or impact of a data breach, businesses have to put in place adequate measures to protect their stakeholders.
1. Limit Access
Only authorised personnel should have access to reduce the risk of privileged account abuse or access. Permissions should be reviewed regularly to ensure that employees who are no longer working at the organisation have their access terminated.
2. Update Systems, Software and Applications and schedule anti-virus scans
If you do not have an in-house IT team to update systems, software and applications to patch existing vulnerabilities, consider hiring an outsourced IT team to fulfill this important step. In addition, perform antivirus scans regularly and keep software updated with the latest malware signature files. Consider using a firewall-as-a-service.
3. Encrypt important or sensitive data
Encryption is useful to limit the damage done in the event that the data is stolen or leaked. Sensitive data such as client information, vendor details and payment advice should not be easily accessible or left unencrypted. Virtru is an email encryption plug-in that can be used to encrypt outgoing emails and control access.
4. Monitor database and outbound network traffic
Databases should be frequently monitored for suspicious activities such as unauthorised copying or sending of important business data that can construe a data breach if leaked. Outbound network traffic should also be monitored. Watch out for unauthorised communications or data transmissions. Cloud-based applications need to be configured properly with the appropriate access controls and security settings.
5. Keep an updated backup
Ransomware attacks affect backup copies that are online. For this purpose, there should be another secure backup stored offline and unconnected to the enterprise network. Multiple backup copies can be made and backup frequencies scheduled with Datto. An attractive feature of Datto is its ransomware detecting feature, which will send an alert to administrators when a ransomware attack is detected.
6. Conduct security awareness training for employees
Much like physical hygiene like hand-washing, security awareness training teaches employees good cyber hygiene habits such as how to manage important data properly and how to identify and deal with phishing emails appropriately.
Source: CSA
Our PSG-approved package bundles two bestselling solutions that targets email security and cyber awareness training!
Complimentary 30-minute IT Consultation!
