BreachExchange mailing list archives

Security breach 101: How to recognize and prevent cyber attackers


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 28 Jul 2015 19:45:52 -0600

http://www.correctionsone.com/police-technology/software/jail-management/articles/8691343-Security-breach-101-How-to-recognize-and-prevent-cybe

Once an agency's records management system has been updated or is newly put
in place, agencies should be mindful of potential avenues from which cyber
attackers can breach system security. Security incidents are on the rise at
an alarming rate annually. As these threats increase in complexity, network
security measures must also advance in order to safely deploy and manage
secure networks.

These security breaches can occur at any level within a law enforcement and
correctional information technology network. Information technology
managers and administrators must comprehend the level of threats
compromising their systems in order to keep their systems safe and secure.
Here’s how to recognize a security breach, the potential avenues it can come
from and best practices for prevention.

What is a security breach?
A security breach occurs when data or records that contain confidential
personal or company data is lost, stolen or accessed improperly or without
permission. Additionally, a breach can occur through malicious software or
computer programs such as spyware which siphon user data. Breaches can
occur through worms which damage user files and operating systems.

Damage to a computer operating system can also occur through rootkits which
enter and hook themselves into the computer system kernel code and modify
it. Lastly, the most concerning malware is spyware. This breach occurs as
spyware enters the operating system, gathers data and relays it back to its
makers.

Any cyber attacker can make entry through the multiple inbound routes and
other available gateways such as email or spam. Simply installing antivirus
and antispam technologies on all agency desktops and laptops is a good
beginning, but, used as a stand-alone approach, is ultimately risky as
there are several other dimensions of the system which must be addressed.

How personnel can create a breach
Perhaps one of the most prevalent breach protection issues is personnel.
Seventy-six percent of network security breaches occur through a
compromised employee password. Even with the appropriate antivirus security
software in place, safe browsing and safe computer habits of personnel are
essential to a secure information technology system. Employees are
generally the weakest link in the security schema.

The ability of employees to keep secrets such as passwords and access
codes forms the foundation for organizational secure networks. Strict
computer security including confidentially kept employee password access,
strict exit strategies for outgoing employees, vigilant email monitoring
and no third party storage device rules for employee work stations
throughout the workplace are essential tools.

Prevention is the first layer of defense when securing a network. Making
sure all anti-virus software programs are up to date and a system firewall
is on is a necessity. Regular scheduled maintenance and updates to this
software are vital to preventing a system breach.

How to train personnel
Simply training employees as to what a dangerous link or email might look like
can easily prevent a cyber-attack. Viruses arriving as an email message
attachment are a common method used by hackers to distribute their “wares.”
Still, many users unknowingly open these dangerous and unknown file
attachments resulting in an entire network infiltration.

Educating employees as to what qualifies as a strong password can eliminate
the ability of hackers to make entry into a secure system network through
password breach.

Keep track of external storage devices
Information Technology departments should keep detailed records of
employee-issued storage and other devices such as USB storage devices, wireless
communication devices or wireless hotspot devices. Each device has its own
potential data breach risk.

When devices are no longer in use by an employee or department, thorough
wiping of data from all computers and devices is vital in order to dispose of
all secure content thoroughly.

Write clear policies
Explicit and clear detail on usage, protection and information availability
must be in place and acknowledged by each employee, preferably in writing.
Policies regarding the physical security of devices including procedures
for securing computers or laptops daily at end of shift should be specific
and applied. Additionally, a policy regarding thorough background screening
of employees prior to hire and access to confidential information must be
enforced.

With this multi-level approach to system security, keeping a new or updated
records management system secure and virus free can be accomplished with
ease.