Data Breaches: Be Proactive, Active and Reactive
Recently, I was interviewed by Luke Moretti for the WIVB (News 4 Buffalo) article, Big and small companies on the radar of data hackers. The challenge with a story like that is that there is so much to tell, but you have so little time to tell it. Although my interview (and tour of our Cloud Based Data Backup & Tape Vaulting Facility) lasted for about 30 minutes, they aired just a minute or two, amounting to a few 'powerful' phrases and statements. The special report included interviews with a UB Professor (specializing in Data Security), as well as a well-known area insurance professional (who specializes in cyber-security coverage).
If you saw the special report, you might not have understood where each of us was coming from, or how our three perspectives combine into a more all-inclusive data protection strategy. I'll try to explain here, succinctly. True data protection is not one or two programs or processes that you put in place and then you're done. It goes much deeper than that. Think of data security like an onion: there are LAYERS of security that 'the bad guys' have to get through, one after another, to reach your data.
During the interview I could only touch on each of these layers briefly, so I would like to explain each of them more fully here:
First: You have to be PROACTIVE: get ready for a breach before it happens. Do an inventory of all of your informational assets, physical, electronic and virtual, and record where each one resides. Log who has access to each asset (and, ideally, why). Access should only be given to those with a "need to know", period; an access list nobody has reviewed in a year is almost always wider than it should be. Next, put a 'perimeter defense' in place. This is typically done through a network security provider equipped with the best hardware and software. Up front, have vulnerability and penetration testing performed, and have intrusion detection, logging and security event management systems in place. Some IT companies have specialists who can provide these services; others do not, and you (or they) will have to bring in outside support. Being PROACTIVE also means: TRAIN YOUR EMPLOYEES! Educate them on the risks, what 'suspect' intrusion attempts typically look like, how breaches occur, the typical events leading up to one, and so on. The 'human element', along with plain human error, leads to a high percentage of breaches. Lastly, plan out HOW YOU WILL RESPOND TO A BREACH when it happens.
Next: be ACTIVE: Routinely and consistently have vulnerability and penetration testing performed, and consistently review the reports from your intrusion detection, logging and security event management systems. A detection system nobody reads is not a detection system. DO NOT FORGET - Have GREAT backups of your mission critical data, kept where an intruder on your network cannot reach them (offline or otherwise separated from the systems they protect), and test that you can actually restore from them. In the event of a ransomware attack, just about the only way to get your data back (short of paying the ransom) is to RESTORE IT FROM BACKUPS, and a backup that the ransomware also encrypted, or that nobody ever tried restoring, is no backup at all. (This connection/clarification was not made during the special report.) We have assisted many clients who have been hit with these.
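One concrete way to make "great backups" more than a slogan is to record a hash manifest of the backup set at backup time, keep that manifest separate from the backup, and verify the set against it before trusting a restore. The Python below is an added example written for this post; it is not code from the original article or a Lincoln Archives tool, and the file names, contents and the simulated ransomware run are all constructed for the demonstration.

```python
"""Backup integrity check (added example, not from the original post).

Builds a SHA-256 manifest of a backup set, then verifies the set against
that manifest. A ransomware run that encrypts, deletes or replaces files in
the backup location shows up as hash mismatches, so a restore can be refused
before it overwrites good data with bad. The file names and contents below
are constructed for the demonstration (assumption).
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {
        str(p.relative_to(root)): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_backup(root: Path, manifest: dict) -> dict:
    """Compare the files under root with a trusted manifest.

    Returns {'modified': [...], 'missing': [...], 'unexpected': [...]}.
    Three empty lists mean the set matches what was recorded at backup time.
    """
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in current),
        "unexpected": sorted(p for p in current if p not in manifest),
    }


def demo() -> dict:
    """Constructed scenario: take a backup, verify it, then simulate ransomware touching it."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "backup"
        backup.mkdir()
        (backup / "ledger.csv").write_bytes(b"id,amount\n1,100\n")
        (backup / "clients.txt").write_bytes(b"ACME Corp\n")

        # The manifest is produced at backup time and must be stored apart from
        # the backup itself (offline, or across a different trust boundary);
        # an attacker who can encrypt the files could otherwise rewrite it too.
        manifest = json.loads(json.dumps(build_manifest(backup)))
        before = verify_backup(backup, manifest)  # clean set: all lists empty

        # Simulated ransomware run: one file encrypted in place, one deleted,
        # and a ransom note dropped into the backup directory.
        (backup / "ledger.csv").write_bytes(os.urandom(32))
        (backup / "clients.txt").unlink()
        (backup / "README_DECRYPT.txt").write_bytes(b"pay up")
        after = verify_backup(backup, manifest)

        return {"before": before, "after": after}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The "before" result is three empty lists; the "after" result names ledger.csv as modified, clients.txt as missing and README_DECRYPT.txt as unexpected. In practice you would run the verification against a restore into a scratch location rather than against the live backup store, and treat any non-empty list as a reason to stop and investigate before the restore proceeds.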
Lastly, when necessary, be REACTIVE, and be quick about it. I'm not suggesting you jump up, ranting and raving in a panic; I mean a controlled reaction. The point is that if you were PROACTIVE, your response WILL be better planned and controlled. You planned for a breach and how you would respond to it in stage 1, and the tools you laid out in stage 1, put into action during a breach, turn the response into a managed process rather than a scramble.
My goal is to help our clients understand how to protect their information the best they can. With 40%-60% of small and medium-sized businesses attacked routinely, it isn't a question of if, but when. Please be ready, not a statistic. That brings us to another 'news' story: something new (and exciting) about Lincoln Archives. Stay tuned for more information.
by William Palisano