How valuable is data? A good way to answer that question is to look at the average cost of a data breach. Recent research in May 2020 found that the average cost of a data breach was USD 3.92 million, a 1.6% increase from 2018 and a significant 12% rise over the last five years.
This illustrates a well-known fact – data is extremely valuable, making it a relentless target for cyberattacks. All entities store personal or sensitive data – enterprise’s sensitive data could be in the form of filings, future technologies, blueprints, etc. while personal sensitive data could consist of passwords, financial details and health information. All of this information could be used by threat actors for nefarious reasons, ranging from impersonation to ransomware attacks and financial frauds.
There’s never been a more important time than now to be extremely vigilant about how sensitive data is stored. The key point to remember is that everyone needs to take responsibility. It has to be ingrained in employees that data security is an important tenet of the job, no matter the level or the position. A mindset of data security has to be cultivated throughout the organization where carelessness should not be tolerated.
While data security is a full-time domain, here are a few best practices:
Two-Factor Authentication
Two-Factor Authentication is fast becoming a necessity as an access control device. Almost all service providers are increasingly mandating the usage of two-factor authentication to verify user credentials. Simply put, a password is just not good enough anymore – there has to be an additional mode of verification.
Password Strength
Even as the world is moving towards two-factor (and in my cases, multi-factor authentication), password strength remains key towards protecting sensitive data. Yet, weak passwords continue to proliferate in organizations with employees preferring ease-of-use over security. Break the cycle now and mandate strong passwords for all functions with passwords to be changed mandatorily after a specified period. While it might be difficult in the beginning, it will soon become a habit.
Device management
Enterprise security must now be geared to deal with a variety of devices. The ongoing COVID-19 crisis has seen an unprecedented shake-up and data security has been its greatest victim. Enterprises have been obliged to allow employees to conduct their work from any device they find handy with IT teams tasked to find out how to balance “work from anywhere” with security requirements. It’s a delicate balance, as it is, and then there are the dangers of employees using the same devices to conduct unauthorized activities. Device management is now becoming even more important when it comes to securing sensitive data.
A multi-layered security approach
We’ve explained the importance of adopting multi-layered security approaches previously, which can be read here. To reiterate, multi-layered security approaches score over standalone security strategies as it decentralizes security into different layers with a specific strategy and framework for each layer, thereby making it far more effective.
Keep your sensitive data secure. Explore Seqrite’s security solutions for multiple layers, specially adapted for the new normal. Endpoint Security (EPS) Cloud enables the deployment, management and monitoring of endpoint security remotely while the new Unified Threat Management (UTM), Version 2.5 helps to centrally manage distributed UTMs in different geographies.
No Comments