BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Eliminating security gaps: how well prepared are we?

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 24 Dec 2015 19:10:09 -0700
http://memeburn.com/2015/12/eliminating-security-gaps-how-well-prepared-are-we/

The news is full of stories of computer hackers gaining access to private
records. One of the most noticeable things that these stories are saying is
that it can happen to anyone. Governments, big businesses and small
businesses have all been impacted by hackers attacking their computer
systems. Hundreds of millions of private records have been taken. It is
easy to argue about the impact of the problems when these security breaches
occur and no one will ever know for sure how safe a person’s information is
on the internet, but that does not mean that this issue should be ignored.

Individuals expect that when they provide private information to a
business, that it will be safe and secure. They hope that when they use
their credit card at a business, that the charges made will be accurate.
The individual will do what they can to make sure they are keeping their
information safe, but in the end they have to rely on the security of the
businesses that collect this information to do their job as well. A smart
business will divide the problem into two areas. They will work to prevent
any breaches from occurring and they will work to correct any problems that
occur as the result of a security issue.

Preventing Security Breaches

The best way to avoid any issues with a hacker getting private information
from a business is to prevent it from happening. Businesses have several
tools that they can turn to help them in this process.

Have Virus Protection

No computer system should be operating without some type of computer virus
protection. A virus can damage the computers that it infects, but it can
also be used to access private information. Businesses should get a virus
protection that is designed for business and should make sure it is always
working and updated.

Train Employees

One of the easiest ways that hackers gain access to a business’s computers
is through an employee that makes a mistake. They may give out their
password accidently or they may take shortcuts that put their computer at
risk. If one computer in a business is at risk, all of the other computers
in the network are also at risk. Teaching employees the basics of computer
security is a smart thing to do.

Know your equipment and people

A smart business will have a listing of all of the equipment that has
access to their network and all of the people that have access to it. They
will monitor this list to make sure that only the people and equipment that
is allowed is accessing the system.

Test Your Systems

A business that says they have the best security in place and they don’t
need to test it is the business that is the most vulnerable. The hackers
are always working to breach even the most secure systems. By testing and
auditing the systems in place and making sure they are all being followed,
a business will be less vulnerable.

Correcting problems

For some businesses, despite their best efforts, a breach will occur. In
this case the reaction that a company has will go a long way in determining
how much damage the breach actually causes. Putting some things in place
can help mitigate the problems of breaches.

Detect any problems

A good system that is in place to prevent any breaches will also be able to
detect when it happens. The earlier a breach is caught, the easier it is to
stop and the less damage will be done.

Determine the extent of the damage

A company needs to figure out how much damage has resulted from a breach.
Regular audits of the system is one way to understand what an attack has
done.

Fix the breach

Once a system has been attacked, the chances of it happening again will go
up. It is important to look at why a security breach occurred, how it
happened and what systems were not working to prevent the breach. Steps to
correct any problems with the security of the business have to be remedied
immediately.

Most businesses understand the importance of security. It is why businesses
used to put safes in their locations. They wanted to keep valuable things
in a place that was not easy to get to. The use of computers and technology
has changed the types of things that a business has to protect, but the
idea is still the same. All of the information that is essential and
private for a business needs to be locked away in a manner that keeps it
safe from anyone that should not have it. A successful business will
realize this and add the steps to their security that they need.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: