In the wake of eBay’s recent data breach, many consumers and security professionals have been extremely vocal in their protest of the company’s response to the situation; some are calling it one of the worst corporate crisis responses they’ve ever seen. eBay’s stock price in the days after the breach took a major hit, dipping to the lowest since December 2013. When considering the costs of a data breach, damage to company systems, loss of intellectual property, remediation and forensic costs are usually what come to mind. Some organizations also factor in the cost associated with reputation damage, which may harm revenue, as well as industry fines or possible prosecution. Thycotic, a provider of privileged account management solutions for global organizations, has compiled the following list of best practices for mitigating data breaches and avoiding the costly headaches associated with them.
Thycotic Software deploys smart, reliable, IT security solutions that empower companies to control and monitor privileged account credentials and identity access for administrators and end users. An Inc. 5000 company, Thycotic is recognized as the fastest growing privileged management vendor in IT security and one of the top 30 fastest growing companies headquartered in Washington, D.C.
Click through for five best practices organizations should consider to help mitigate data breaches and avoid the costly headaches associated with them, as identified by Thycotic.
Practice better password standards
With recent vulnerabilities like the OpenSSL Heartbleed bug, organizations have learned that relying on simple, easy-to-remember passwords that are not regularly rotated leaves them at risk for threats. By enforcing strong password practices internally for both end users and non-human accounts, organizations can ensure the most basic levels of protection from external threats are in place. Long, complex passwords and scheduled rotations of passwords help shield against hackers and social engineering tactics that rely on low levels of effort to execute. Oftentimes, simple best practices are enough to encourage cyber criminals to move on to their next target.
Secure your kingdom
Traditional spending on perimeter security is no longer sufficient and more attention needs to be paid to how breaches are caused and escalated. An often overlooked area is the inadequate management of privileged accounts – these are the proverbial “keys to the kingdom” trusted to the IT administrators, but typically have little controls or accountability on their use.
By leaving these keys unmanaged, organizations find themselves completely exposed to a breach either through accidental misuse or from a deliberate attack. Solutions that help IT administrators manage privileged accounts are readily available and many can be customized to fit each organization’s unique needs. Some solutions even tout the ability to enable non-technical personnel to manage their own accounts and passwords more effectively without the need for IT support.
Bridge the communication gap
As many large organizations have learned recently, your worst enemy can often be a former member of your team. Companies may find themselves at risk of an internal attack any time an employee with even limited amounts of access and responsibility leaves the company. A disgruntled employee can cause significant damage to a company by accessing and stealing sensitive data as a result of turnover and unrevoked access to sensitive accounts. By strengthening communications between IT and other important business units, such as HR, these situations can be avoided by ensuring a seamless transition of access any time an employee enters or leaves a company.
Give IT security a seat at the table
IT security needs to be included at a strategic level in the steering of any organization, but often is an overlooked priority delegated to the IT department instead. As the recent Target breach proves, C-level executives are certainly not immune to the fallout from such an event and smart companies are quickly adapting by changing their internal reporting structure. Now the CISO may report directly to the CEO or CFO rather than the CIO, giving IT security a seat at the senior management table with direct access to executive decision makers and budget. This is especially important to ensure appropriate IT security staffing, training, technology and best practices are implemented.
Monitor your team’s activity
Monitoring employee behavior and account usage can help organizations detect a suspicious pattern that stops an insider threat before it occurs. However, this strategy is usually ignored due to a lack of intelligent execution just shy of placing surveillance cameras on IT employee desks. Instead, organizations should utilize best practices around keylogging, auditing and live monitoring of IT admin sessions to ensure that a detailed audit of each user’s activity is readily available, which can be used to identify suspicious activity before a breach occurs, or to quickly identify the source of an attack that has already taken place.
