12 Best Cyber Security Practices
Here are 12 best Cyber Security Practices to implement into your organization this year if you already haven’t.
- Employ risk-based approach to security
Recommend approach is to form your data security strategy by prioritizing certain measure by how much they will affect your bottom line. To do this, your best tool is a thorough risk-assessment.
A risk assessment allows you to:
- Identify all valuable assets, including those you was not aware off
- Identify the current state of cyber security in your company
- Identify the most pressing threats your data faces and how they may affect your bottom line
Things like fines for failing to meet compliance, remediation costs for potential leaks and breaches, as well as costs of missing or inefficient processes are all heavily factor in the results of your risk assessment. Taking all of this into account will allow you to correctly prioritize your security and make sure that your security strategy serves corporate bottom line the best way possible.
- Form a hierarchical cyber security policy
Centralized security policy can be very effective as a base guideline for the whole organization , it shouldn’t cover every process in every department. Instead, allow your departments to create their own security policies, all based on the central one.
There are many benefits – by staking your security policies in such a hierarchical manner, you’re making sure that needs of every department are accounted for and that their workflow, and your bottom line, will not be compromised in the name of security.
- Update your software
Cyber security updates – an old topic that cyber security experts keep repeating year after year. However, even though people are already tired of hearing about it, 2017 with its rise of malware and zero day exploits seems like a particularly good year to reiterate it.
Software updates are critical since most malware out there doesn’t exactly target the new and unknown security vulnerabilities. Instead, it goes for the well-known exploits already fixed in the latest version in hopes that companies do not update.
- Backup your data
Data backup is another basic security measure. With the advent of ransomware, malicious software designed to encrypt all your data, blocking your access to it until you pay a hefty sum for a decryption key, having a full current backup of all your data can prove to be a lifesaver.
How do you best handle backups? You need to make sure that your backups are thoroughly protected and encrypted, and that they are very frequently updated.
- Use principle of the least privilege
Be aware: having too much privileged users accessing your data is extremely dangerous.
Recommended to implement a principle of least privilege, i.e., to assign each new account with the least privileges possible and to escalate them if necessary. At the same time, when access to sensitive data is no longer necessary, all corresponding privileges should be immediately revoked.
- Use two-factor authentication
Two-factor authentication is an important security standard when it comes to account protection. It employs additional physical devise, such as a security token or a mobile device to confirm the identity of the person behind the screen. This authentication method provides a very reliable login procedure security, as long as the secondary device doesn’t get lost or stolen. As an added benefit, it also allows to clearly distinguish between users of shared accounts, making access control easier.
- Handle passwords in a secure manner
While secondary authentication provides a great safety net in case a password gets compromised, it’s still not an excuse to not follow best practices regarding password handling.
Recommendation is a password needs to be long, complex and fully unique.
- Change default passwords for your IoT devices
This year continues the trend of 2016 – IoT devices keep gaining popularity.
- Monitor privileged users
The best way to minimize the risks of insider attack by privilege users is to limit their numbers. This is where the principle of least privilege comes in. You also need to makes sure that any privileged accounts immediately get disabled whenever a person using them is terminated. More often than not, disgruntled employee retains their access upon termination, allowing them to exact revenge for perceived wrongdoing.
- Monitor third parties accessing your data
The best way to protect your sensitive data from any breaches via third-party access is to use temporary password. It allows to limit the scope of access that third-party user has and allows to make sure that you know who exactly connects to your network and why. User action monitoring should also be used in conjunction with one-time password in order to provide a full logging of all user actions, allowing you to detect malicious activity and conduct investigations when necessary.
- Be wary of phishing
Perpetrators use phishing techniques, such as spam e-mails or phone calls in order to find out information about employee, receive credentials from them or infect your system with malware. Phishing received somewhat a resurgence in later years and today companies drowning in spam e-mails containing malicious links.
Recommended to get a properly configured spam filter and make sure that the most obvious spam is always blocked. Moreover, your employees need to be educated on the most popular phishing techniques and the best ways to deal with them, to better protect themselves and your company data.
- Raise employee awareness
The key to the protection of your data lies with your employees just as much as with your defenses.
The best way to deal with negligence and security mistakes by your employees is to educate them on why security matters. Raise their awareness about cyber threats your company faces and how they affect the bottom line.