6 Security Fixes for 2020
With a fresh new year in front of us, most look to the exciting ways technology can improve our lives. But there are some in cyberspace intent on doing whatever it takes to make money, including taking or destroying your sensitive data, impacting the lives of your customers and employees through cybercrime.
The data may strike you cold:
- 53,000 incidents and 2,200 data breaches reported in 2018
- 1 billion records exposed in the first half of 2019
- A single unsecured database found in November left 2 billion records exposed to anyone on the Internet
- 60% of small businesses fold within six months of a cyber attack
A decade ago, securing your business meant having an antivirus system, a basic firewall, and regular backups. But now that digitalization is a crucial part of businesses in any industry, more windows are opened to data theft, privacy compromises, and malware attacks.
A secure business today requires multi-layer defense to prevent, identify, and mitigate these growing and varied threats. Security must be applied to every aspect of the business, including cloud services, employee training, and third-party supplier management, to name a few.
At CloudWyze, these are some of the things we work on every day:
- Network security: Cybercriminals will stop at nothing to access your network. We monitor network traffic and remote access, offer intrusion detection and prevention, and secure network components.
- Endpoint security: Your system endpoints aren’t just desktops and laptops, but include storage devices, IoT devices, etc. Each serves as a potential entry point for hackers and cyber criminals, which we battle with both strong antivirus, application, and device management techniques.
- Account monitoring & access management: Don’t give potential insider threats access to key assets. Allow employees to access only the information as needed for each individual’s role. Leveraging services such as Active Directory helps keep employees, contractors, and vendors in check.
- Patch management: Keeping up with system patches is time consuming and is seldom managed well. With remote monitoring, our management tools run in the background, continually checking for updates. When available, patches are applied during off-hours. Now that’s proactive.
- Email and DNS Filtering: Business email compromise and social engineering are taking on a new face. Criminals are getting personal, doing research on your staff and sending specially crafted and realistic emails to you and your employees. Consider a message sent to your comptroller from the CEO saying, “I’m in a meeting and can’t get to this – please transfer $50,000 to XXXXXXX account.” It looks like it’s coming from the CEO’s email address… but you’ve just lost $50,000 to a criminal. Filtering these items out and educating your team is vital to all
- Misconfigured Cloud Servers: If cloud servers are not configured and managed appropriately, the sensitive data in your cloud may be at risk. Research by Digital Shadows found 2.3 billion files exposed publicly through misconfigured Internet-connected servers. Storage depots with terabytes of data are being left open, resulting in easy access for criminals crawling the Web and looking for a way to get your data.
How confident are you about the confidentiality, constant availability and integrity of the data you use or store? What practices and processes are in place to ensure your data isn’t being used or accessed by unauthorized individuals or parties?
Cybercrime is on the rise. In the first half of 2019, there were 54% more data breaches than in 2018. As we enter 2020, let’s see if, we can do better together. Call CloudWyze – we’ll help you protect what you’ve worked hard to build.