Category Archives: Antivirus

Keep Sensitive Data Secure on a Tight Budget

As more services move to the cloud, it is important to establish network security that ensures secure data transfer. Similarly, businesses that manage critical personal data need to maintain airtight security policies and procedures. Not having such policies in place may lead to security breaches or expensive client lawsuits. According to a 2016 report from the Ponemon Institute, almost 50 percent of the small organizations surveyed had experienced a data breach in the previous year. Another study by Symantec found that almost 43 percent of cyber-attacks in 2015 were targeted at small businesses, up from 18 percent in 2011.

Small businesses make for an enticing target as they usually do not have the necessary security controls in place to secure their financial data from internal as well as external threats. Here are some low-budget tips that can help small businesses keep their financial data safe.

  • Install proper network and workstation controls such as a properly configured firewall, anti-virus software, and updated patches for all hardware and software. Criminals usually try to exploit sensitive data such as Personally Identifiable Information (PII), business trade secrets, financial data and other critical company information. Organizations must restrict access to sensitive information, especially financial or security-related information, to the smallest possible number of employees. Strict compliance must be ensured, and employees must be trained and kept updated on these restrictions. This will help reduce incidents of data loss or theft. Access to all storage, computing and online-based media like servers and databases must be restricted to only a few trusted employees.
  • Establish a culture of security by training and informing employees about the risk of accessing unsafe websites at work, which may result in major breaches. Companies may also resort to blocking access to certain sites for security reasons.
  • Conduct periodic testing to keep a check on vulnerabilities. The frequency of testing must depend on the functional criticality and size of the company. With smartphones being used to transfer data, companies must ensure that these devices also fall under the purview of DLP policies and practices. Mobile devices must have anti-virus software installed and be kept up to date.
  • Get finance teams/CTOs involved to understand the risks and get a holistic view of what can be done to mitigate these risks at the base level – without incurring too much cost.
  • Implement two-factor authentication along with a strong password policy. Two-factor authentication requires use of a password plus a code or a biometric marker to access data. The additional layer of security makes access to sensitive data more difficult.
  • Set aside a small budget specifically for continuous monitoring for security-related loopholes to help ward off attacks and threats. If utilizing the services of third-party vendors for securely managing data, have a Service Level Agreement (SLA) which details security expectations and gives the right to thoroughly audit the vendor to confirm and ensure compliance with policies.

In essence, by just implementing and following certain basic tenets of security, most organizations can secure their sensitive data with bare minimum costs.

Insider Threat is a Growing Problem in Government: Are We Overlooking?

Cybersecurity has become a top priority for government, yet research shows that “Government” is one of the most vulnerable sectors when it comes to insider threats. Often action comes quite late and signs remain unreported for years, due to either the unwillingness or the inability of colleagues to accept any such possibility.

A 2015 survey by Symantec revealed that if IT administrators in government organizations do not terminate network access quickly enough, the results could be disastrous. The survey reported that nearly 45% of federal departments were targeted by insider threats over the year, with 29% losing data as a result.

Over the years, even though data loss prevention has become a more sophisticated technology aimed at preventing data breaches, the insider threat has continued to evolve into a more complex problem. This is because technology adoption in government is not just slow and tedious, but also requires a considerable amount of training for successful enforcement.

There are 4 key challenges that government organizations need to address for better management of their data security strategies.

1. Infrastructure is Under-Equipped

The budget allotted to government IT departments has always been frugal in comparison to other sectors. The IT systems that are operational are thus neither modern nor updated. Budget constraints often result in usage of old, obsolete hardware and software that are not equipped to handle the more complicated data breaches.

2. Technology Purchase is a Slow Process

The process of purchasing technology is often slow and lengthy. Various factors such as RFPs, bidding, the political environment and preferred vendors influence the purchase decision, and by the time the purchase gets approved, the ordered technology itself has become outdated.

3. Stealth IT is Creeping in

Easy availability of cloud offerings and bring-your-own-device (BYOD) have resulted in shadow/stealth IT coming into practice. Employees often resort to solutions that they think would be the best, resulting in sporadic practices where data might not be properly managed or protected. This results in exposure to unauthorized people.

4. Compliance is Becoming Complex

Government organizations need to meet major compliance regulations such as FISMA, NIST 800-53, FIPS (up to level 3) and Common Criteria. Depending on the sector they operate in, compliance with HIPAA-HITECH and PCI DSS is also required. Regular training and education are essential for organizations to meet these complex compliance requirements.

Keeping in mind the challenges stated above, Zecurion has identified some best practices to minimize the risk of internal threats. These are:

1. Early Detection through Proactive Monitoring

Having efficient algorithms and rules for the network helps detect early if personally identifiable information (PII) is being accessed without proper authorization. Many automated tools are available today that can discover any such breach at the initial stage itself. And early detection can thwart data loss incidents.

2. Comply with FedRAMP for Secure Cloud Adoption

The old, redundant legacy systems in use are primitive, and IT budgets are limited. Therefore, implementing cloud solutions that have enhanced security features will be both cost effective and agile. Government organizations that adopt cloud need to comply with FedRAMP.

3. Encryption is a Must-Have

Government organizations are mandated to have encryption. Solutions that encrypt information on hard drives, disk arrays and SAN storage through sophisticated cryptographic techniques protect sensitive information whenever physical control of the media is impossible.

4. Multilayer Security Authentication

Multilayer security authentication is a must. Options for a fingerprint, a retina test or scanning of a smart card should be added to regular password options to establish the identity of the actual user. The user's role needs to be identified comprehensively, and the extent of authorization should be granted accordingly.

5. Update Security Patches Frequently

Antivirus and firewalls should not be outdated or obsolete. The software should be current and running 24/7, 365 days a year, without failure. Still, just deploying antivirus is not enough. Securing the endpoints is equally important to prevent data loss.

6. Set Up Dedicated Risk Assessment Team

The executive team should have a formal dedicated risk assessment team to look into various techniques, procedures, and access points from where the PII leaves the system. The team may pose as insider threat actors and hackers, play bad cop and come up with customized solutions and risk mitigation plans to protect against breaches.

7. Implement Incident Response Plan

Drawing up an efficient incident response plan helps in mitigating and containing the aftermath. This is very important for the reputation of the organization. When reputation is at stake, having a robust plan that streamlines what needs to be done, when and how, saves time, money and credibility.

Best Practices in Securing Healthcare Data

 

Health is wealth. It is an old saying, but it upholds an important underlying meaning. Consumers spend a great amount of money on wellness, prescriptions, medical examinations, lab tests, various auxiliary health procedures etc. With this, healthcare organizations have become a repository of vast amounts of sensitive data that these consumers share, making them soft targets for data breaches.

ITRC, Identity Theft Research Center, studied the trends of data breaches and concluded that in 2015, 35.5% of the breaches occurred in the healthcare sector, and 66.7% of the total records that were exposed were from the healthcare industry. ITRC also claims that to date in 2016, 34.9% of the breaches and 34.6% of the total records compromised are from healthcare; an overwhelming 4 million records have been reported to be affected in just the first few months of 2016.

Zecurion has put together a list of best practices that healthcare organizations are recommended to follow in order to protect themselves from such incidents.

Early Detection through Proactive Monitoring

Having efficient algorithms and rules for the network helps detect early if PHI and PII are being accessed without proper authorization. Many automated tools are available today that can discover any such breach at the initial stage itself. And early detection can thwart data loss incidents.

Towards this, solutions such as Zecurion’s Zgate enable companies to monitor all forms of outbound network traffic and online communications. It also helps identify sensitive information and prevents it from leaving the network. Zgate uses hybrid content analysis – combining digital fingerprints, Bayesian methods, and heuristic detection – to filter outbound traffic and detect confidential data.
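To make the idea of content analysis on outbound traffic concrete, the following is an added example, not Zecurion's code and not a description of how Zgate works internally. It combines two of the techniques named above, a digital fingerprint (hashed word shingles of a protected document) and a heuristic detector (card-length digit runs that pass the Luhn check), and leaves the Bayesian part out; all function names, the threshold and the sample texts are assumptions constructed for illustration.

```python
import hashlib
import re

def shingles(text, k=5):
    """Hash every run of k consecutive normalised words (the fingerprint)."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()
            for i in range(max(len(words) - k + 1, 0))}

def luhn_ok(digits):
    """Luhn checksum, which valid payment card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def find_cards(text):
    """Heuristic: card-length digit runs that also pass Luhn."""
    runs = (re.sub(r"\D", "", m.group()) for m in CARD_RE.finditer(text))
    return [r for r in runs if luhn_ok(r)]

def inspect_outbound(outbound, protected_index, threshold=0.3):
    """Return (verdict, reasons) for one outbound message."""
    reasons = []
    sh = shingles(outbound)
    overlap = len(sh & protected_index) / len(sh) if sh else 0.0
    if overlap >= threshold:  # assumed threshold; tune on real traffic
        reasons.append(f"fingerprint overlap {overlap:.0%}")
    if find_cards(outbound):
        reasons.append("card number")
    return ("block" if reasons else "allow"), reasons

# Constructed sample data: one protected record and its fingerprint index.
PROTECTED = ("Patient Jane Roe, record 0042, was diagnosed with type 2 "
             "diabetes and prescribed metformin 500 mg twice daily.")
INDEX = shingles(PROTECTED)

if __name__ == "__main__":
    for msg in ("FYI: was diagnosed with type 2 diabetes and prescribed "
                "metformin 500 mg twice daily, see you Monday",
                "Please charge 4111 1111 1111 1111 today",
                "Invoice 1234 5678 9012 3456 attached"):
        print(inspect_outbound(msg, INDEX), "<-", msg[:40])
```

The fingerprint catches a partial copy of the protected record even though the message adds its own text around it, while the Luhn check keeps an arbitrary 16-digit invoice number from being flagged as a card.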

Multilayer Security Authentication

Multilayer security authentication is a must. Options for a fingerprint, a retina test or scanning of a smart card should be added to regular password options to establish the identity of the actual user. The user's role needs to be identified comprehensively, and the extent of authorization should be granted accordingly.

Encryption, Encryption, Encryption

Healthcare servers have vast sources of confidential information stored. Proper encryption of stored data can prevent data loss. Zecurion’s Zserver offers an excellent solution in this context. The solution encrypts information on hard drives, disk arrays and SAN storage using innovative and sophisticated cryptographic techniques. This protects stored information whenever physical control of the media is impossible, whether moving data to the cloud, or in the case of hard drive loss.

Update Security Patches Frequently

Antivirus and firewalls should not be outdated or obsolete. The software should be current and running 24/7, 365 days a year, without failure. Still, just deploying antivirus is not enough. Securing the endpoints is equally important to prevent data loss.

Set Up Dedicated Risk Assessment Team

Management should have a formal dedicated risk assessment team to look into various techniques, procedures, and access points from where the PHI and/or PII leaves the system. The team may pose as insider threat actors and hackers, play bad cop and come up with customized solutions and risk mitigation plans to protect against breaches.

Implement Incident Response Plan

Drawing up an efficient incident response plan helps in mitigating and containing the aftermath. This is very important for the reputation of the organization. When reputation is at stake, having a robust plan that streamlines what needs to be done, when and how, saves time, money and credibility.

Cyberinsurance

Cyberinsurance is an option that healthcare organizations should consider to offset any financial liabilities that may occur as a result of data breaches.

Conclusion

Data loss prevention solutions are a must-have for healthcare organizations. They should be deployed without hindering or slowing down caregivers' access to information. While there is no fool-proof solution to any breach, it is best to go with the saying “prevention is better than cure”.

Data Loss Prevention: Protection Beyond the Antivirus

Installing antivirus is no longer adequate unless organizations have also taken proactive action and implemented other end-point security solutions to protect against data loss arising from internal and external threats. This traditional end-point security provision was sufficient in years past, when cyber-attacks were simpler and fewer. With ever-changing technology and advances in the nature of cyber-attacks, antivirus alone as a security measure will not hold the fort for long.

Corporate data is mostly digital now, and sensitive data is accessed over multiple devices and networks. Telecommuting is rapidly growing and is favored in both private and governmental organizations, prompting employees to bring their own devices. Unfortunately, antivirus software is perceived to be the default security mechanism expected to protect against most IT threats. This, in turn, can be disastrous as it gives IT administrators a false sense of security, making critical data loss a harsh reality. IT administrators, therefore, need additional forms of protection such as end-to-end encryption and data loss prevention (DLP) solutions.

What should an organization do to protect its critical data? We have some recommendations for organizations to consider in order to safeguard themselves against vulnerabilities of data loss:

  • Administer multiple layers of security instead of implementing just the antivirus.
  • Keep business continuity in mind while installing the endpoint security tool.
  • Encrypt data whether it is static or in transit.
  • Constantly monitor data coming in and leaving endpoints of the network.
  • Define user roles clearly, so employees are aware of who can access what kind of information.
  • Provide regular training to the workforce about security measures that need to be followed at all times.
  • Have a robust backup and risk mitigation plan ready in case of a breach.
  • Implement device management/monitoring as an essential practice, particularly with the BYOD culture becoming a key workplace trend.
  • Install zero-day malware detection/analysis and content-aware DLP solutions.

These recommendations are the fundamentals of a strong IT security strategy. With antivirus no longer being the magic potion to deal with all threats, it is time organizations start implementing a more robust solution that encompasses various techniques aimed at data loss prevention.