Network Security is Critical for Data Security

Data is your greatest asset. This is a common adage; it could even be called a cliché.

It's important that you and your team take great care to protect mission-critical data: the data you keep about customers, sales, employees, and products. It is recorded, backed up, and duplicated. You keep backups off-site and have redundant systems.

You must ensure that users are authenticated with the correct rights and privileges. To ensure that only the correct data is viewed by users, you create views that are specific to each application and class. You have done everything and you are able to go to sleep at night.

You may be missing the obvious. Consider another cliché: "You are only as secure as your network." Obvious? Perhaps.

Each year Verizon issues the Data Breach Investigations Report (DBIR). The report is based on data from the US Secret Service and security services in Australia, England and the Netherlands. For 2011 they identified 855 global incidents that compromised 174 million records. Over 2000 incidents with more than 1,000,000 records have been identified in the eight-year history of the report.

Remember, these are only incidents that these agencies have detected. The actual number of incidents will be exponentially higher.

What matters most is what the DBIR says about the incidents it uncovered. 98% were the work of external agents. 81% of the breaches involved hacking techniques and 69% used malware. However, only 5% were caused by privilege abuse.

I do not want to minimize internal threats: employees and others can do serious harm. Worse, only about 8% of incidents are detected internally. It can take a while to find out that you have been compromised, which raises the suspicion that many other breaches happen and are not always identified.

Let's take a moment to consider the following. According to the DBIR, 96% of breaches weren't difficult and 97% were preventable with simple or intermediate controls. 97% of the victims that fell under the Payment Card Industry Data Security Standard (PCI DSS) were not in compliance. PCI DSS is designed to protect cardholder data for debit, credit, prepaid, ATM, e-purse and point-of-sale cards.

Alarmingly, only 29% of PCI DSS-covered companies have set up a firewall to protect their data. You may be thinking that this must be about small businesses. In large part, yes. Even among large organizations, however, only 71% have firewalls. The impact of a cyberattack on a large organization can be devastating, so it is quite shocking that 29% of them lack firewalls to protect their PCI sites.

Large organizations are more compliant when it comes to antivirus protection: 86% of them have it, compared with 23% of all other organizations. To put it another way, 14% of the larger organizations and 77% of all PCI DSS protected organizations don't implement virus scanning.

Protect yourself and others. These figures suggest that there are many potential Typhoid Marys.

Let's examine some of the hacking threats most commonly encountered that you need to be protected from:

SQL Exploit: An attack on a website's database in which an SQL statement that produces undesired results is appended to a field input.

A typical login script sets variables equal to the user name and password that were entered, and then concatenates them into a select statement. The statement is executed to determine whether that combination of values exists.

Consider that the userid value is "ui" and the password value is "pw; drop table user".

The statement that gets executed would then be:

Select * from users where userid = ui and password = pw; drop table user

The system would execute two separate statements: first the select search, and second the statement dropping the user table. Ouch!
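The login script described above, shown next to a hardened version, as an added example that is not code from the original article. It assumes an in-memory SQLite database with constructed data, and uses `executescript()` as a stand-in for a database driver that accepts several statements in one string.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names follow the article.
    # Plaintext passwords only mirror the article; real systems store hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (userid TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('ui', 'pw')")
    return db

def table_exists(db, name):
    row = db.execute(
        "SELECT 1 FROM sqlite_master WHERE type='table' AND name=?", (name,)
    ).fetchone()
    return row is not None

def build_login_sql_unsafe(userid, password):
    # Vulnerable pattern: user input is concatenated into the SQL text.
    return ("SELECT * FROM users WHERE userid = '" + userid +
            "' AND password = '" + password + "'")

def login_unsafe(db, userid, password):
    # executescript() runs every statement found in the string
    # (assumption: models a driver that permits stacked statements).
    db.executescript(build_login_sql_unsafe(userid, password))

def login_safe(db, userid, password):
    # Placeholders pass the values separately from the SQL text, so the
    # input is only ever compared as data and cannot become a statement.
    row = db.execute(
        "SELECT 1 FROM users WHERE userid = ? AND password = ?",
        (userid, password),
    ).fetchone()
    return row is not None

# Constructed hostile input modelled on the article's "drop table" password.
HOSTILE_PW = "pw'; DROP TABLE users; --"

def demo():
    db1, db2 = make_db(), make_db()
    login_unsafe(db1, "ui", HOSTILE_PW)            # second statement runs
    accepted = login_safe(db2, "ui", HOSTILE_PW)   # treated as a wrong password
    return table_exists(db1, "users"), table_exists(db2, "users"), accepted

if __name__ == "__main__":
    print(demo())
```

With the concatenated query the `users` table is gone after one login attempt; with placeholders the same input is simply a failed login.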

Guessable Passwords: Although large organizations have standard procedures that require passwords and default users to be changed, this is a top cause of breaches for small companies.

For example, the default root user in MySQL Server has no password.

You can be vulnerable if you forget to add a password after installation.

Even if it is not mandatory, use a strong password that combines letters and numbers, upper and lower case, and special characters. A lot of people will use a guessable password such as the current month or the word "password".

Keyloggers: There is a wide range of malware programs that can capture keystrokes and other information from a user's computer or at a site. They can capture not only passwords and user ids but also any other data being entered.

Brute Force or Dictionary Attacks: Brute force works against encrypted data. The technique exhausts all possible options until one is found that works. A dictionary attack is similar but works from a list, for example a list of common passwords like "password", which can be used for months, years or even decades.

Backdoors: A backdoor bypasses the standard authentication process. Hackers capitalize on the fact that computer makers and application developers often create backdoors during development and then neglect to remove them before the product enters production. Malware is also able to identify backdoors, or create them, so that they can be used later.

Even if you use antivirus and firewall protection, you might still be vulnerable. The problem with antivirus protection is that it only targets known viruses and exploits.

That's not all that bad. However, there are about 50,000 new viruses every day. You are always playing catch-up, even though the blacklist is eventually updated.

I prefer protection using a "whitelist concept" and a sandbox. The technique involves comparing program files with a list of valid files. Only files on the list are allowed to run on your system. If the scanner has doubts about a program's authenticity, the program is run in a special area called a sandbox. The scanner can then determine whether it should be deleted or allowed to continue.

Secure Sockets Layer (SSL) and SSL certificates are critical if your website handles sensitive information. SSL provides a secure connection between the browser and your site. SSL certificates confirm a website's authenticity for the user.

SSL certificates are available at a range of affordable prices.

An SSL certificate with Extended Validation (EV) provides the highest level of authentication.

If you have multiple domains, a wildcard SSL certificate could save you money. A wildcard SSL certificate is a one-time purchase that covers all sites and subdomains. One wildcard SSL certificate can be purchased that covers both judgeco.com and sports.judgeco.com.

Unified Communications (UC) SSL certificates can be used for multiple domains and hostnames. One UC SSL certificate can be used on a primary domain, as well as up to 99 other names. They are popular for use on Microsoft Exchange and Microsoft Live servers.
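Which hostnames a wildcard or multi-name (UC) certificate actually covers, as an added example that is not from the original article. It is a simplified model of the usual matching rule (the `*` must be the whole left-most label and stands for exactly one label); the name lists are constructed around the article's judgeco.com example.

```python
def _labels(name):
    # Hostnames are case-insensitive; a trailing dot is ignored.
    return name.lower().rstrip(".").split(".")

def name_matches(cert_name, hostname):
    """Match one name from a certificate against a requested hostname."""
    c, h = _labels(cert_name), _labels(hostname)
    if len(c) != len(h) or "" in h:
        return False          # a wildcard never spans more than one label
    if c[0] == "*":
        # Require at least two fixed labels after the wildcard ("*.com" is
        # rejected) and compare everything to the right of it exactly.
        return len(c) >= 3 and c[1:] == h[1:]
    return c == h

def cert_covers(cert_names, hostname):
    # A certificate covers a host if any of its listed names matches.
    return any(name_matches(n, hostname) for n in cert_names)

def coverage_report(cert_names, hostnames):
    return {h: cert_covers(cert_names, h) for h in hostnames}

# Constructed name lists for three hypothetical certificates.
WILDCARD_ONLY = ["*.judgeco.com"]
WILDCARD_PLUS_BASE = ["judgeco.com", "*.judgeco.com"]
UC_CERT = ["judgeco.com", "mail.judgeco.com", "autodiscover.judgeco.com"]

HOSTS = ["judgeco.com", "sports.judgeco.com", "a.sports.judgeco.com",
         "mail.judgeco.com"]

if __name__ == "__main__":
    for label, names in [("wildcard only", WILDCARD_ONLY),
                         ("wildcard + base", WILDCARD_PLUS_BASE),
                         ("UC", UC_CERT)]:
        print(label, coverage_report(names, HOSTS))
```

The bare domain is covered only when it is listed as its own name next to the wildcard, and deeper names such as a.sports.judgeco.com are not covered by `*.judgeco.com` at all.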

