We generally associate IT security breaches with the loss and theft of information due to the intrusion of hackers. Just think of the massive hack at Ashley Madison in 2017, which forced the company to negotiate with hackers or risk seeing all their confidential data published. A story similar to that of Sony, in 2014.
It security: an increasingly complex issue
The proliferation of online storage services, such as Evernote, Dropbox and Google Drive, increases security vulnerabilities and information leakage risks, and brings a host of organizational issues.
- Who owns the corporate information stored in the storage service?
- Who has access to the data?
- What prevents an employee leaving the company from reusing the data?
Internal data loss and theft: an increasing phenomenon
It is an increasingly common phenomenon within companies. In 2014, 67% of organizations reported having sensitive data lost or stolen in the previous two years. In 2016, this number increased to 78%.
This increase can be explained by a lack of vigilance and by certain errors that can be remedied quickly.
1. Overly broad access to sensitive information
62% of employees of companies have access to information that they should not see and which they do not use.
2. Badly protected user accounts
Access codes to protected information are often easy to uncover or are not changed on a regular basis. Two out of three breaches are from the weakness or theft of passwords.
3. Lack of monitoring and access control
• Only one-third of organizations have a strict access control system applied to all their activities. 26% do not use any system.
• Only 8% of companies review their current and former employees access to data storage software each month. 38% do it annually, and 24% never do it.
Seven solutions to strengthen it security in SMBs
Fortunately, there are simple and effective strategies to prevent the risk of hacking and data leakage within your SMB.
1. Secure the perimeter of the network
In order to properly secure the network perimeter, it is important to keep the firewall software up-to-date, and to put in place a continuous access review process.
To do this, there are many software solutions available on the market that can greatly facilitate your task. This is the case with Fortinet's Cyber Threat Assessment Program. This software is designed to provide organizations with a detailed analysis of the types and number of potentially dangerous cyber threats to networks that are not detected by current security solutions.
2. Network monitoring
Whether intrusions, illicit internal acts or simple negligence errors, it is essential to monitor your network at all times in order to fully understand what is happening and what actions are being taken. This monitoring allows, on a regular basis, to:
- Audit data access and changes;
- Enable the suspension of litigation messaging;
- Detect intrusions and identify abnormal or suspicious activities;
- Prevent data loss, for example by installing an intrusion prevention system.
3. Access control
It is also important to restrict access to only users such as administrators.
Monitoring of access and activity related to email and file systems is also required.
4. Management of access codes
It is essential to change access codes regularly and to use a password manager. Such a system makes it possible to never leave sensitive information on a piece of paper, while not having to share it on a large scale.
5. Protecting data
Data protection involves applying security updates and patches, notably Microsoft and antivirus, to servers and workstations. It is also of utmost importance to have an effective and reliable data backup system.
6. Establish a corporate cloud service
The implementation of a corporate cloud service avoids the proliferation of personal cloud services that make it difficult to control access. Once the system is in place, the important thing is to establish clear usage and security policies for employees.
7. Establish a termination process
Finally, SMBs must establish a clear and rigorous policy for termination of employment. They must ensure that former employees (AD Account, VPN Access, Cloud Services, accounts with suppliers and partners, telephony, BYOD) are closed and that corporate information is destroyed.
As expressed by the company Varonis very well, most data security breaches involve an already existing internal threat.
In most SMBs, the loss or theft of data comes from within. By securing your computer systems against the malicious intent or mistakes of your employees, you will be able to significantly reduce the risk of IT breaches.