How to Safeguard Your Business’ Data

Your data is worth a fortune on the dark web. What are the best practices to adopt for your company’s cybersecurity?

To protect your computer data, make sure you have a good computer security posture:

Understanding how cybercriminals work is key to ensuring that your corporate computer data is safe. How do they gain access to your data?

They steal your identity information, either by using phishing emails sent to your users or by exploiting vulnerabilities in systems and applications that may be out of date. They then determine which of your data are the most sensitive so they can exploit them.

Here are some best practices to improve your protection.

Classify your data by importance

The first step in a process to improve your computer security posture is to classify your data by importance. Here are a few key questions you need to answer BEFORE starting to implement efficient controls in a governance context:

Once you are able to properly answer these questions, you can begin to build a defence system to protect your most critical data according to your organization’s risk level. Too often, organizations spend a lot of money on controls to mitigate attacks, without ever taking that crucial first step.

Be aware of internal threats

A ransomware attack is the act of breaking into your systems and taking over your data by encrypting it and compromising your backups.

The criminals will demand a ransom in exchange for the encryption key that will allow you to recover your data. However, in many cases, even if you pay the ransom, your data will already be made available to other criminal organizations on the dark web. This is the multiple extortion model where a second lever can be used through blackmail, or worse, making you lose access to your data forever, since criminals find that selling this data on the dark web is of greater interest. This is why it’s important to protecting yourself against it.

However, the threat to your data can also come from within and you must also take this into account in your protection plan. Here are a few examples.

Careless workers

Careless workers may unintentionally put the organization at risk:

Employees who leave

Employees who are terminated or voluntarily leave could take organizational data with them:

Hindrance to productivity

Employees could circumvent security because it hinders their productivity:

Malicious employees

Malicious employees who have a grievance against an organization may choose to act on it:

Infiltrators

Infiltrators, working on behalf of an outside group may want to commit a data breach or other industrial espionage attack and allow an outside group to gain access and user privileges. These insiders may be:

Third-party partners

Note that third-party partners can pose the same threats and cause the same damage as an organization’s employees with similar access.

According to Threatpost, 94% of organizations provide their vendors, suppliers, business partners and others with access to their networks and systems, and 72% of these third parties have elevated permissions on those systems.

If they have poor cybersecurity hygiene, they put you at risk every time they log into your systems.

Choose the best means of protection

Once you have classified your data, there are practical and simple ways to protect your most sensitive and critical data from any type of attack.

Encryption

Make your data virtually unreadable by anyone who doesn’t have the key, both while in storage and while in transit or in use.

Secure, offline backups

Make sure your backups are not only online, otherwise they could also be compromised, making them impossible to restore.

Eliminate unauthorized file editing, deletion and movement

If you are using Active Directory (AD), there are simple solutions to protect your unstructured data and set up monitoring of your dark web footprint.

Email threat filtering

No single solution can eliminate all malware and attacks, but by eliminating most of them, you will significantly reduce your attack surface and risks.

User awareness

Your users have phones, tablets and social media accounts. Make sure they are aware of their dangers to the organization.

Password policy

How many of your users have the same password for work, their social media or their bank accounts?

Multi-factor authentication

The second static factor is no longer sufficient and hasn’t been for a long time. You need a solution that incorporates time and location and other attributes to prevent remote access to your data.

Third-party suppliers and super-administrator access

You need an approval process for all external and internal access to sensitive systems, as well as a complete audit trail and indexed log of every action, including orders.

24/7 detection and response management year round

Monitoring of your files, desktops, servers, networks, mailboxes, and user behaviour should be ongoing and include real-time automated risk mitigation, isolation and remediation.

Zero trust model

This innovative security model ensures a secure connection by eliminating transitive trust and continuously identifying and authenticating each device and user before granting them access to network applications. Your onsite and remote users can securely log in to their work environment with trusted user and endpoint identification and multi-factor and biometric authentication.

You need to construct layered data protection with redundant controls to make it more difficult for cybercriminals to access your data. No single solution will eliminate all threats. However, knowing what your IT security posture is and what IT data needs to be protected to ensure your business’s health provides your organization with solid protection against cyberattacks.

This article was written in collaboration with Harold Walker, Senior Director of VARS, a subsidiary of Raymond Chabot Grant Thornton, specialized in cybersecurity.