Just a quick recap from my previous blog, where we focused on how crucial data is and, even more importantly, on its security. We also saw some standard practices for ensuring data security:
1. Disk Encryption - Converting data into a form that cannot be interpreted without the key that makes it legible again.
2. Backups - Creating multiple copies of data at regular intervals so it can be recovered if the original copy is lost.
3. Data Masking - Masking certain fields of the data so sensitive information is protected from unauthorized access.
4. Data Erasure - Ensuring data that is no longer in use is completely removed and cannot be recovered by unauthorized people.
Threats are not only external; we need to focus on insider threats as well, which nowadays pose more serious risks to any organization. We have many security measures inside our perimeter, but is that enough? An organization like ESDS needs to protect its integrity against its own staff, vendors, customers who have co-located their servers, contractors, etc. In-depth knowledge of our network layout, connectivity, policies, processes and business practices lies entirely in the hands of our staff members.
One interesting fact about security which I came across while browsing the security zone website is that most data breaches occur due to internal attackers.
The study also revealed that organizations which incurred serious losses and a negative financial impact made up the majority share, 68%.
Most internal threats can be prevented, or at least kept manageable, by giving proper training to employees. What an organization needs is a clearly drafted and defined policy framework that is implemented across the whole organization and monitored regularly by the security teams. The following steps will help an organization prevent internal threats.
1) First, a Security Policy
Your ISO/IEC 27001 ISMS should include the information transfer process: how does data flow between internal teams? Similarly, when data is sent outside your organization, it should go over a secure, encrypted channel.
An organization chart is another important aspect; the hierarchy should be followed in case of any incident. Specify in your security policy who is allowed to access which data, and with whom employees are allowed to share it. State the consequences if any data is mishandled.
2) Educate your employees
Every department of your organization holds some localized data. This data may be of high or low importance; it may relate to marketing, sales or the personal information of a customer. To secure this data, employees need to undergo security training sessions. The best way to reduce the risk from internal threats is to provide thorough security training: explain the importance of the data and the consequences of failing to follow the security standards. Make the training interactive, for example with security-related games. We do not say that employees will commit a malicious act, but if they are trained they can at least recognize one when they see it and raise a red flag to their seniors.
3) Classify your Data
Data is classified into three main categories: Restricted, Private and Public. This classification is mandatory in every organization and for every process, and it should be included in your security policy. It helps the security team quickly identify data and its sensitivity. Access to classified data is then granted according to the employee's designation and need to know.
4) Physical Security
Every computer that handles valuable data must be highly secured, and only the people who handle that data should have access to it. Use CCTV to monitor sensitive areas. Two-factor authentication using smart cards or PINs must be implemented in secure zones such as the data center, stores, legal, etc. Consider biometric authentication for all your employees as well. Use of USB drives must be restricted unless it is necessary, and any drive must be scanned by the IT team before use.
5) New Hires Screening
One place where you can minimize the risk is the employment process. HR's role begins while hiring a new candidate: a thorough background check is necessary before the employee comes on board. HR needs to perform checks not only at the professional level but also a complete family background check where necessary. For an organization, the security of data is the main concern. After onboarding, the employee should undergo security training specific to the organization. Equally, when an employee leaves the organization, HR needs to revoke all of their access and make sure that, before being relieved, the employee has handed over all the data in their possession.
6) Strong Authentication
A strong password policy should be followed. Rather than forcing a change every two weeks, which pushes users toward predictable variations, current guidance (NIST SP 800-63B) favors long, unique passphrases screened against lists of known breached passwords and an immediate change whenever compromise is suspected. Every system, server and storage device must require two-factor authentication.
7) Monitor for "Abnormal" Behavior
Install the right software and devices with proper access control. Use granular access control and log all activity on the systems. Unauthorized users must be blocked from logging into the system. Track user behavior, and if you find any abnormal action, raise a red flag for further investigation and any legal implications.
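"Abnormal" has to be defined before it can be detected. The following is an added example, not code from the original post: a small Python detector that runs three insider-threat rules over authentication and file-access logs, flagging a burst of failed logins followed by a success, a successful login outside business hours, and a bulk download in a trailing one-hour window. The key=value log format, the sample lines and the thresholds are all constructed for illustration and would be adapted to a real SIEM export.

```python
"""Flag abnormal user behaviour in authentication and file-access logs.

Added example, not from the original post. Log format, sample lines and
thresholds are constructed assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; not real data.
SAMPLE_LOG = """\
2024-03-04T09:02:11 user=alice action=login result=success src=10.20.5.7
2024-03-04T09:05:40 user=alice action=download result=success src=10.20.5.7 bytes=120000
2024-03-04T11:40:01 user=bob action=login result=fail src=10.20.9.3
2024-03-04T11:40:08 user=bob action=login result=fail src=10.20.9.3
2024-03-04T11:40:15 user=bob action=login result=fail src=10.20.9.3
2024-03-04T11:40:22 user=bob action=login result=fail src=10.20.9.3
2024-03-04T11:40:30 user=bob action=login result=fail src=10.20.9.3
2024-03-04T11:40:41 user=bob action=login result=success src=10.20.9.3
2024-03-05T02:17:55 user=carol action=login result=success src=10.20.7.21
2024-03-05T02:20:03 user=carol action=download result=success src=10.20.7.21 bytes=900000000
2024-03-05T02:31:12 user=carol action=download result=success src=10.20.7.21 bytes=1500000000
2024-03-05T10:00:00 user=alice action=login result=success src=10.20.5.7
"""

# Thresholds are illustrative assumptions; tune them to your own baseline.
FAIL_THRESHOLD = 5                   # failed logins ...
FAIL_WINDOW = timedelta(minutes=5)   # ... within this window, then a success
BUSINESS_HOURS = range(8, 20)        # 08:00-19:59 local time
BULK_BYTES = 1_000_000_000           # 1 GB per user ...
BULK_WINDOW = timedelta(hours=1)     # ... in a trailing hour


def parse_line(line: str) -> dict:
    """Parse '<iso timestamp> k=v k=v ...' into a dict with parsed ts and bytes."""
    ts_text, _, rest = line.partition(" ")
    fields = dict(kv.split("=", 1) for kv in rest.split())
    fields["ts"] = datetime.fromisoformat(ts_text)
    fields["bytes"] = int(fields.get("bytes", 0))
    return fields


def detect(log_text: str) -> list:
    """Return (timestamp, user, rule, detail) alerts in log order."""
    alerts = []
    fails = defaultdict(deque)      # user -> timestamps of recent failed logins
    downloads = defaultdict(deque)  # user -> (timestamp, bytes) in the trailing hour
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        ts, user = ev["ts"], ev["user"]

        if ev["action"] == "login":
            q = fails[user]
            while q and ts - q[0] > FAIL_WINDOW:   # expire old failures
                q.popleft()
            if ev["result"] == "fail":
                q.append(ts)
                continue
            if len(q) >= FAIL_THRESHOLD:           # guessing that finally worked
                alerts.append((ts, user, "brute_force_then_success",
                               f"{len(q)} failures within {FAIL_WINDOW} before success from {ev['src']}"))
            q.clear()
            if ts.hour not in BUSINESS_HOURS:
                alerts.append((ts, user, "off_hours_login",
                               f"login at {ts.time()} from {ev['src']}"))

        elif ev["action"] == "download" and ev["result"] == "success":
            q = downloads[user]
            while q and ts - q[0][0] > BULK_WINDOW:
                q.popleft()
            q.append((ts, ev["bytes"]))
            total = sum(b for _, b in q)
            if total >= BULK_BYTES:
                alerts.append((ts, user, "bulk_download",
                               f"{total} bytes in trailing {BULK_WINDOW}"))
                q.clear()                          # one alert per burst
    return alerts


if __name__ == "__main__":
    for ts, user, rule, detail in detect(SAMPLE_LOG):
        print(f"{ts} {user:<6} {rule:<26} {detail}")
```

On the sample log this raises three alerts: bob's five failures followed by a success, carol's 02:17 login, and carol's 2.4 GB of downloads within eleven minutes. Each alert is a starting point for the investigation the section calls for, not a verdict; an on-call engineer or a scheduled export job will trigger these rules legitimately, which is why the thresholds should be derived from each user's or role's own baseline.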
When investing in security we always look for a reliable service provider. If you want more details on external and internal threats and on securing your organization, you have come to the right blog!
Please visit https://www.esds.co.in/soc-as-a-service for our offerings and to experience SOC (Security Operations Center) as a Service.