How do you avoid a data breach?

LivHolmes

The company where my husband is working recently experienced an internal data breach. It was not that major and was resolved ASAP, but these things are alarming, especially to most organizations that don’t know what data they have or where it lives, and that lack of knowledge can lead to internal or external data breaches. What are the ways that you can avoid these and how do you enhance data governance?
 
Lawdy, lawdy! You're asking us for the history of Cyber Security! :)

Start here: Get a proper Security/vulnerability Assessment by a qualified company like Kroll, Pwnie Express, or Tenable Network Security.

User training and education, intrusion detection/prevention policies, patch management, system monitoring, proper backups, physical security assessments... It is a long list! :D
 
One of the biggest failures when it comes to breaches (aside from not having proper infrastructure & support) is how staff deal with social engineering and best practices.

Although there are many scammers and hackers that are "out to get you", many of them rely on YOU making the first mistake. I've seen far too many companies that didn't have acceptable use policies when it came to technology in the workplace. You hear these stories of companies losing all data because one staff member was browsing some sordid sites or doing something personally they shouldn't have been doing on a work PC. One of our clients was recently hit with a Crypto Virus and lost all data because they all share files via LAN, so all files across the entire network were encrypted. Proper training on opening attachments and best practices would have prevented this. (A staff member opened an e-mail with the virus in it)

Point being, the majority of breaches and security issues that a company has could be prevented by educating staff and implementing policies and making sure staff comply. Some companies go as far as doing pat downs when staff enter and leave the building, and storage media are confiscated unless approved by IT. Others lock down systems so USB storage devices and optical media cannot be used.

You need someone to perform a security assessment and follow through with the recommendations. It may cost some dear $$, but management and staff can sleep better at night.
 
There is no silver bullet, so to speak. Like @Barcelona and @NviGate Systems said, it's many things. And it's a never-ending process. You start with a survey, but still have to execute those periodically. Things like anti-malware apps and email scanning services only go so far if the users are not properly trained. When I was doing support at the DoD we had a series of training courses we had to take every year related to cyber security.
 
I've always been curious about those network security jobs. To me it seems like a risky career. I mean, no matter how good you are and no matter how much you keep up (which is a ridiculous amount of work if you are trying to keep up), you can still be compromised. I understand the pay is really good but I think that kind of job would freak me out with worry.
 
The company where my husband is working recently experienced an internal data breach. It was not that major and was resolved ASAP, but these things are alarming, especially to most organizations that don’t know what data they have or where it lives, and that lack of knowledge can lead to internal or external data breaches. What are the ways that you can avoid these and how do you enhance data governance?

Data breaches are common and the first step is to be aware and knowledgeable about what causes those things. To avoid such problems you need to monitor and ensure that tags are safe and data process meets a certain standard. This is to eliminate unwanted data sharing.
 