(Read on IoTSSA | Read on CHANNELe2e | Read on Liongard.com)

Securing data has become a critical requirement for organizations around the globe.  Governments and industries are modernizing existing consumer protection and breach notification laws while establishing new standards of security. 

The last twelve months has seen records shatter in not only the volume of successful data breaches but the average cost of a breach as well.  Ransomware with extortion has drove this increase as seventeen different cyber-crime groups were using the business model at the end of 2020.

Technology has evolved tremendously since the 1980’s, yet most of the innovation has occurred since the creation of the cable modem and high-speed internet in the late 90’s.  Billions of dollars were invested to build faster and more robust networks both wired and wirelessly, the risk of data breaches was growing.

With the average internet speed in the United States breaking 50 Mbps in 2019, any user or criminal can transfer a gig of data in under 3 minutes.  With speeds now capable of exceeding 2000 Mbps, a nefarious actor could in theory transfer a terabyte of data in under 2 hours to anywhere in the world.

The mobility of the modern workforce has introduced new issues for data privacy as home printers, smart phone cameras, high-capacity USB flash drives all enable end users the convenience to copy and manipulate data without security controls.  In 2011, Kingston technologies found that on average 12,000 customer records were lost due to missing USB drives.  

COVID-19 forced organizations globally to accelerate plans for cloud computing, often placing security as an afterthought.  The expeditious deployment often meant misconfigurations and the lack of core security principals applied.  Cyber-criminals have identified and taken advantage of these vulnerable data stores and has been transferring and extorting data at a record pace.

Data privacy can be more secure with the implementation of four critical components to your security stack.

Change Tracking should be a core component to enable you to quickly identify what and when a configuration changed.  Being able to track changes from yesterday to today or a year ago to now have numerous security and business benefits including the ability to quickly see when a user was added, firmware upgraded, licensing changed, or a port forward was configured.  Not tracking the configuration changes of your core systems leaves you at risk.

When was the last time you had a team member login to every network switch to find the firmware version? Chances are that firmware version is out of date, and it’s not just network switches on your network with outdated firmware.  Every device with outdated firmware is a potential security risk and it can be time consuming to identify, document, and upgrade all these devices.

Understanding what user accounts have privileged access or even monitoring when the user security group which gives access to the accounting drive changes is also critical to protecting data.  Knowing who has access to what locally and in your cloud, storage should be documented and monitored for changes both legitimate and not.

You may be getting alerts today but it may not be enough, or you may be getting so much your team sees it as noise.  Establishing good Actionable Alerting is crucial to the items above and more.  You need to know that when something changes that meets the threshold you want that the alert is generated, and your team identifies the risk and corrects it if necessary.  Without alerting everything is a manual process going system-by-system, tenant-by-tenant.

Securing data for your customers, partners, and your business is a core requirement of doing business today.  Liongard has been built to help you standardize that documentation, secure both you and your customers networks, and free up technician time as you’ve automated documentation and monitoring so that you can focus on scaling your business.

If you’re not using Liongard today, sign up for a demo and see how Liongard can improve security and save expensive man-hours with automatic documentation and alerting.