
Mitigating Data Security Risks through Better Controls and Processes

10/14/2015  |  By: Jason Riddle, CISSP, President, Information Security


The pattern of data breaches over the past few years has shown that a small number of security controls are particularly effective in mitigating the types of attacks that have been in the news. There are a number of ways a company can be breached and it’s hard to pinpoint where network security teams should focus. And, since most organizations have limited security budgets, it’s critical to know which activities will provide the greatest return on your resource investments.

The following four controls, implemented properly, can greatly improve the security posture of most organizations:

1. Use network segmentation and network access controls to protect sensitive data.

Though it may be more convenient for internal stakeholders to interconnect all of your digital functions, doing so can leave your organization more vulnerable to breaches. Instead, identify systems which process and store your sensitive information, segment them onto different networks, and implement network access controls to protect them.

2. Employ application whitelisting.

As opposed to blacklisting, where you prohibit specific functions, applications or users, whitelisting approves access only for certain applications, users and functions and denies everything else. This move greatly reduces the opportunity for a non-approved user or application to infiltrate the system.

3. Review your patching/vulnerability management program.

Installing security patches to fix flaws in software has become a routine task for IT teams across the globe. And given the myriad of applications used by organizations today, it’s important to have a means of validating that all the required patches have been applied. That’s where a vulnerability management program can help. Vulnerability management tools scan your systems looking for missing patches or updates — just like an attacker would. The reports they generate let you know if you’ve missed anything, and tell you where to focus your patching efforts.

4. Maintain an intrusion detection capability that covers both network traffic and log monitoring.

Cyber criminals bank on organizations being complacent with their intrusion detection monitoring. Both servers and network infrastructure should be regularly monitored for unauthorized incoming connection attempts, incoming port scans, unusual root or administrator access activity, and modification of file systems. If we can agree that it’s impossible to prevent 100% of attacks, then it’s absolutely necessary to have a good detection capability so we can know when an attack succeeds. This early detection allows your organization to contain the impact and return to normal operations quickly.
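As an illustration of the log monitoring described above, here is an added example (not code from LBMC or the original post) that flags two of the listed signals, incoming port scans and unusual root access, in one batch of log lines. The log formats (iptables-style drop lines and sshd authentication messages), the thresholds and the trusted management host `10.0.9.10` are assumptions made for the example.

```python
import re
from collections import defaultdict

FW_DROP = re.compile(r"SRC=(?P<src>\S+) .*?DPT=(?P<dpt>\d+)")
SSH_AUTH = re.compile(r"sshd\[\d+\]: (?P<result>Accepted|Failed) \S+ for "
                      r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")

def detect(lines, scan_ports=5, fail_limit=3, admin_users=("root",),
           trusted_admin_sources=("10.0.9.10",)):
    """Return sorted (alert, source_ip, detail) tuples for one batch of log lines."""
    ports = defaultdict(set)     # source -> distinct destination ports dropped
    failures = defaultdict(int)  # source -> failed logins to admin accounts
    alerts = set()
    for line in lines:
        if "DROP" in line and (m := FW_DROP.search(line)):
            ports[m["src"]].add(int(m["dpt"]))
        elif m := SSH_AUTH.search(line):
            if m["user"] not in admin_users:
                continue
            if m["result"] == "Failed":
                failures[m["src"]] += 1
            elif m["src"] not in trusted_admin_sources:
                # Successful admin login from outside the management hosts.
                alerts.add(("admin_login_untrusted_source", m["src"], m["user"]))
    for src, seen in ports.items():
        if len(seen) >= scan_ports:  # one source probing many ports
            alerts.add(("port_scan", src, f"{len(seen)} ports"))
    for src, count in failures.items():
        if count >= fail_limit:
            alerts.add(("admin_bruteforce", src, f"{count} failures"))
    return sorted(alerts)

# Constructed sample lines (documentation IP ranges), not from a real system.
SAMPLE = [f"Oct 14 02:10:0{i} fw kernel: DROP IN=eth0 SRC=203.0.113.5 "
          f"DST=10.0.0.5 PROTO=TCP SPT=4000{i} DPT={p}"
          for i, p in enumerate((21, 22, 23, 80, 443, 3389))]
SAMPLE += ["Oct 14 02:12:01 db1 sshd[811]: Failed password for root "
           "from 203.0.113.5 port 51000 ssh2"] * 3
SAMPLE += [
    "Oct 14 02:11:00 fw kernel: DROP IN=eth0 SRC=198.51.100.20 DST=10.0.0.5 PROTO=TCP SPT=5555 DPT=443",
    "Oct 14 02:13:00 db1 sshd[815]: Accepted password for root from 192.0.2.44 port 51010 ssh2",
    "Oct 14 02:14:00 db1 sshd[816]: Accepted publickey for root from 10.0.9.10 port 51020 ssh2",
    "Oct 14 02:15:00 db1 sshd[817]: Failed password for invalid user guest from 198.51.100.20 port 1 ssh2",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Counts are taken over whatever batch of lines is passed in, so run it once per monitoring interval and tune the thresholds to your own baseline.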

Focusing IT teams on these four controls and processes will serve to reduce your organization’s risk of security breaches.

In an upcoming blog post, we’ll explore effective containment and communication strategies that companies should employ in the aftermath of a breach. 

Check out our free guide, Breach: Network Security Best Practices for Prevention, Detection, and Response, for more information on ensuring the safest network security for your firm.

On LinkedIn or Twitter? Follow us on LinkedIn and on Twitter @lbmcsecurity. Learn more about how our team at LBMC Information Security can help your team armor up with a wide range of network defense services. Contact us today!