The 5 pillars of data security

The 5 pillars of data security

Page-1-Image-1
Business owners in Kansas City know the importance of data security, but so much uncertainty surrounds what actually comprises a sufficient cybersecurity system. Especially now with COVID-19 making cybercriminals even more vicious and forcing companies to tighten belts, spending the right amount on cybersecurity is critical for business survival.

To determine this amount, you need to go back to basics. Learn what every cybersecurity system fundamentally needs — namely the five pillars of data security — then build your very own framework around these.

Access control

span class="font-italic"Problem: The majority of data breaches actually involve employees. They:

  • Fall for phishing scams, download malware-ridden attachments, use unsecure connections, and forget to keep their software up to date.
  • Mistakenly send files to the wrong people.
  • Lose the laptops, smartphones, thumb drives, and other devices they use for work.
  • Steal, sell, damage, or delete data if they are disgruntled or part ways with the organization on unfriendly terms.

Data breaches caused by employees wouldn’t be as big of a problem if only staff had access to just the files they need to accomplish their tasks. However, in a recent study, cybersecurity firm Varonis found that:

  • 15% of the businesses surveyed had more than one million folders that any employee could open.
  • Among companies that had over one million folders, 80% had more than 50,000 folders that were open to all staff members.
  • 53% of firms had in excess of 1,000 sensitive files that were accessible to each staff member.
  • Businesses, on average, had 50% of user accounts that they should have already deleted but didn’t.

In short, you need your IT admins to implement more stringent access controls (via an identity and access management solution or something similar) over your data to prevent it from falling into the wrong hands.

Authentication

Problem: Cybercriminals commonly pretend to be a trustworthy or authoritative entity, such as a colleague, a boss, a third-party partner, or a reputable organization, to steal a person’s account credentials.

Solution: Cybercriminals may end up with the usernames and passwords of legitimate users, but that doesn’t have to mean that the bad actors could already access the accounts linked to these. By implementing multifactor authentication (MFA) in your access gateways, you force each user to submit additional proof of identity, such as a fingerprint scan or a one-time passcode sent to that user’s mobile phone.

Backups

Problem: It’s easy to lose data to hacking, accidental and intentional deletion, hard drive reformatting, and damage to storage devices due to natural disasters. Lost data often means lost time, effort, productivity, and customers.

Solution: Have a reliable backup system that creates copies of your data as often as you need. For data that is updated constantly, such as transit information of goods being delivered, you’ll want backups done daily, if not hourly.

And to hedge against the risk of losing your primary data storage devices to fires, floods, or other disasters, you need to store your backups away from your headquarters. You can keep the backups in physical hard drives and place these drives in remote office branches or bank vaults, or use cloud storage services such as Amazon Web Services, Google Drive, or Microsoft OneDrive.

Data erasure

Problem: When discarding old computers or freeing up space from data archives, you might only go so far as to delete data. Unbeknownst to you, deleted data could still be recovered months or even years since deletion and be used illicitly.

Solution: Go beyond data deletion by erasing the files instead. While the two processes may sound similar, data erasure ensures that data could no longer be recovered. This means that those who would fish for sensitive files from your old machines would always come up empty-handed.

Encryption</3>

Problem: Once bad actors hack your accounts, hijack unsecure connections to your network, or breach your firewalls, they could freely read, copy, or steal your data.

Solution: Use a solution that encrypts your data at rest (i.e., when it is in storage) and when it is in transit (i.e., when it is being transmitted). In simplest terms, encryption turns your files into unreadable strings of random numbers and letters, and only those with the decryption keys could turn the files back into usable data. This means that even if thieves would steal your files, their efforts would be in vain unless they also get a hold of the decryption keys — which you would obviously protect with additional security, such as the MFA mentioned in the “Authentication” section above.

Companies in Kansas City rely on Umbrella to comprehensively secure their data. To learn more about how our top-notch and cost-effective services can protect your business, download our eBooks on cybersecurity and backups today.


FREE eBook: A comprehensive guide on minimizing downtime!DOWNLOAD HERE