7 ways to stop data breaches

The experts all say that data security goes beyond the use of technology. Nevertheless, there are numerous tools and techniques that IT professionals can use to improve their organization's stance on data security.

• Data encryption. Sensitive information should be encrypted when it is at rest and in motion. Francen says one of the top causes of data breaches is lost or stolen laptops or other portable media such as USB flash drives. Simply encrypting the data on these devices can vastly reduce the risk of exposure.
• Patching. All software and hardware devices need security updates from time to time. IT organizations must have a formal patch management program. According to Verizon, 90% of known vulnerabilities exploited in an attack had patches available for at least six months before the breach, but the patches had not been applied.
• Configuration and change management. According to Verizon, misconfiguration of hardware and software is a leading factor in data breaches. Last December, a misconfigured network allowed inmates of the Plymouth County Correctional Facility in Massachusetts to go beyond using the network for legal research and to access personal information about the facility's employees. Even worse, a former inmate is accused of hacking the system to cause the misconfiguration.
• Event logs. In the Verizon investigations, evidence of events leading up to 82% of data breaches was available to the organization prior to actual compromise. The event logs tell a story — all you have to do is read it.
• Network perimeter defense. Although the traditional notion of a "perimeter" is always shifting, defending the edges of the network is still critically important. Intrusion detection/prevention is like the canary in the coal mine — it's the first warning sign that something isn't right.
• Antivirus and antimalware applications. It's believed that the Hannaford Bros. breach was enabled by a malware application that was planted on the chain's payment processing servers. Numerous tools are available to help prevent the ingestion and spread of harmful software programs.
• Third-party connections. Research from Verizon indicates third-party assets are increasingly used to launch attacks. Security experts recommend isolating third-party connections to limit what these "inside outsiders" can do.

< Return to main story: Don't be a data loss victim >