IT Security & Network Security News & Reviews: Data Breach Prevention: 10 Tips for Fortifying Network Security

 
 
By Fahmida Y. Rashid  |  Posted 2011-10-14
 
 
 

Know What Your IT-Related Risks Are

Every company should conduct an IT risk assessment at least once a year. A thorough IT risk assessment will help identify and prioritize problem areas.

Know What Your IT-Related Risks Are

Know Where Your IT-Related Risks Are

It's not enough to know "what" the problems are, the "where" is critical, too. A good IT risk assessment can save money in the long run.

Know Where Your IT-Related Risks Are

Achieve Compliance With Data Protection Regulations

First, get compliant with all relevant government and industry data preservation standards. But achieving compliance is pointless if the company can't consistently maintain it. Develop a process to manage compliance and keep compliance records up-to-date.

Achieve Compliance With Data Protection Regulations

Conduct Penetration Tests

Hire an independent auditor to run penetration tests to find the vulnerabilities in the system. Run social engineering tests as well.

Conduct Penetration Tests

Know the Incident Response Plan

All companies need to assume they will need an incident response plan. If your organization doesnt have one, develop a plan soon. Practice the plan, so when data breaches happen, everyone knows what to do immediately.

Know the Incident Response Plan

Educate All Employees

People are inadvertently the most common causes of security leaks. Teach employees—top to bottom—to be careful of what they do on personal devices and what corporate data they download.

Educate All Employees

Encrypt Sensitive Data

Encrypt sensitive data stored on servers, laptops and portable media. If data is being stored on highly portable USB flash drives, encrypt those, too. If any of them are lost, no one can access the encrypted data.

Encrypt Sensitive Data

Strong Password Policy

Require all employees—from the highest to the lowest—to change passwords frequently and make sure the selected passwords are strong. Educate users to not reuse passwords across multiple business or even personal accounts.

Strong Password Policy

Segment the Network and Computers

Use a separate machine for financial transactions such as banking and payroll. Don't access anything else, such as email or any other Websites from that machine, to foil malware and phishing schemes.

Segment the Network and Computers

Dont Treat Security as a Nuisance

Security is more than just preventing or limiting what people can do. Good security enables businesses to operate more securely by protecting revenue and profits that could be lost through a data breach. Treat security as an essential part of the company's mission.

Dont Treat Security as a Nuisance

Rocket Fuel