Posted on August 11, 2015 in Data Breach, IT Security, IT Security Assessment
Preparing for a data breach incident
1. Make a disaster recovery plan that details the specific steps to take, and each employee’s exact responsibilities, if a data breach occurs. From an IT perspective, determine what type of breach it is (virus related, private data accessed, or other malicious activity) and develop concise steps to address each type of incident. Have multiple data restoration options available and test them regularly for reliability. Build contact lists of vendors and key response personnel, and create a business continuity plan in case your IT systems are rendered unusable. Your IT group should also document baseline configurations so that current systems can be compared against them.
2. Test and work the plan on a regular basis to better train your key personnel and to keep your disaster recovery plan current with your ever-changing office environment. Incident preparedness training ensures that all company personnel are ready to handle a data breach before one occurs. Training should make all employees aware of the overall security plan and the related response measures, so that they help rather than hinder the recovery process.
3. Commit the proper amount of resources to preventing an attack. This means committing monetary resources on an annual basis to proactively address security issues. It is much less costly to be proactive than to be reactive. The “It won’t happen to me” security approach is a recipe for disaster.
4. Consider data breach insurance, which will help offset much of the cost of a data breach incident. These plans are not new and should become a staple item when reviewing annual insurance coverage.
Some basic strategies for safe and private web browsing
- Spam email filtering
Spam email carries web links or attachments that entice your users to click, potentially introducing viruses or malware onto business computers and networks. Spam emails can also redirect your employees to websites where they give up information (personal or business) that should remain private or confidential.
- Internet content filtering
An effective web content filtering solution is essential, because granting your employees unfettered access to the Internet opens your company to a multitude of problems:
- Security: Grave risk to the company’s security.
- Legal Trouble: Liability for inappropriate content.
- Productivity: Loss of employee productivity due to Internet abuse.
- Use private browsing options for your browser
Mozilla Firefox – https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history
Google Chrome – https://support.google.com/chrome/answer/95464?hl=en
Internet Explorer – http://browsers.about.com/od/internetexplorertutorials/ss/How-To-Activate-Inprivate-Browsing-Mode-In-Internet-Explorer-11_3.htm
- Use an alternate web browser
WhiteHat Aviator – blocks the holes through which most malicious sites infect your computer. It cuts out all ads and disables media autoplay.
- VPN (virtual private network) web browsing
- A VPN cloaks and encrypts your traffic, making your online activity completely illegible to any eavesdroppers.
- A VPN masks your IP address, making you appear to come from a different machine, location or country.
Posted on in IT Security, Remote Access
Q: What are some IT standard practices and procedures that we should implement when dealing with our field or remote employees?
A: Depending on the technology needs of your remote employees, you should implement the following as standard security practices:
(a) Have a plan in place under which the technology in the field returns to the main corporate office on a regular basis for security and software updates;
(b) Field computers should have local firewall software installed for browsing the Internet off-site (Windows firewall does not count!);
(c) Limit or forbid use of public wireless networks (use personal mobile hot-spots instead);
(d) Eliminate or restrict the data actually stored on the local computers (use remote application servers for running apps and storing data, and use the local computer as a “dumb terminal”);
(e) Make it policy that employees use a VPN (virtual private network) when accessing company servers and data remotely; and
(f) If data absolutely must reside locally on the remote computers, use the hard drive encryption built into the notebook’s base system or use third-party encryption software.
Q: Smartphones have become an increasingly large part of our field employees’ toolkit. What should we do to protect ourselves with regard to these computing devices?
A:
(a) Make certain smartphones are owned by the company and used for company business ONLY! (You cannot dictate IT policy on an employee’s personal phone);
(b) Again, use the local cellular data plan rather than public Wi-Fi for accessing data and browsing the Internet;
(c) Password protect and auto-lock your devices;
(d) Use the remote find and/or remote wipe capabilities of the smartphones if they are lost or stolen; and
(e) Limit your use of document sharing/sync apps (Sugarsync, Box.net) and of course … iCloud!