Sunday , 24 September 2017
Dirk Paessler, CEO of Paessler
Protecting data against attacks – cyber and otherwise.

Passwords are continuously being stolen and sold on the Internet for profit. This is leading to larger and more dangerous attacks, with a range of high-profile companies suffering from data breaches.

Experts have estimated that over 300 billion username and password combinations will be at risk of being hacked, stolen and sold on the dark web by 2020. LinkedIn, for example, has reported that over 117 million email and password combinations were stolen and sold on the dark web between 2012 and 2016. Similarly, Yahoo reported that over 1 billion passwords had been stolen since 2013. These companies are not alone, as data breaches have also been reported by other Internet giants, including Dailymotion, Tumblr and Dropbox.

The widespread recognition of the value and growth of Big Data has led to corporate data becoming more valuable to hackers as well as companies that hold it. IT administrators must continue to look for methods to protect their organisations from an increased threat to their data, particularly with a spotlight on how companies plan to secure their customers’ data long-term and increasing pressure from the fast-approaching GDPR set to come in next year.

The ‘CIA’ approach – Confidentiality, Integrity, Availability – is regarded as paramount in data security. Of these, perhaps the most important component is ‘Availability’. The key to ensuring data protection is the ability for the right people to have access to the right data at all times. Availability also means all hardware must be constantly maintained and updated as and when needed. Denial-of-service or distributed denial-of-service (DDoS) attacks are becoming more frequent, requiring a sufficient level of availability to counter them.

Unfortunately, these sorts of measures are becoming increasingly necessary because the sources of intrusions have multiplied. Antivirus software is created to detect and defend against older viruses, but is ineffective against new viruses. As a result, it is becoming more difficult to protect software from newer intrusions.

Because we can no longer rely solely on computers, businesses and individuals must become more proactive in defending against viruses to protect themselves from cyber-attacks. Faults and configuration errors in terminals or applications could result in a loss of confidential data, and a network administrator must be able to intervene before the firewall breaks down.

Individuals and businesses must become increasingly aware of the cyber-risks and data security issues that come with the growing trend of BYOD (Bring Your Own Device). 71% of employees use personal devices for professional purposes, according to the Observatory of HR and e-transformation. An increase in demand for employee and consumer mobility and availability has led to companies allowing personal devices to be used in or for work. Devices that pose a potential cyber security risk once they are allowed onto the larger IT network include laptops, smartphones, USBs and external hard drives. Users are often unaware of the dangers their personal devices could inflict on the network, and it is therefore essential to have solutions capable of automatically detecting the connection of any new device to the company network.

Nevertheless, there are also ‘physical’ risks to data. Data centres are at risk from fire, flooding and overheating, which an antivirus would not be able to detect or prevent. Therefore, to protect data there must also be sensors to detect movement, humidity and heat to alert people to potential dangers. Human surveillance must also be part of a company’s policy to protect data, as the effects could be just as devastating.

There are ways to continue to guard against these constant physical and cyber-threats, but we must remain vigilant. Administrators must have access to an overview of the network to effectively supervise it. An effective IT monitoring solution will require an amalgamation of multiple key indicators and security tools in one simple, customised dashboard. The administrator will then have an overview of existing and newly connected devices on the network, which will help to detect abnormal activity or intrusion from outside influences, both cyber and physical.

Detection will range from peaks in traffic to a sudden loss of the entire memory and suspicious activity in email traffic. An administrator will be able to anticipate any other possible malicious intrusions, ensuring optimal data activity is upheld at all times. A network monitoring tool effectively provides a panoramic view of the IT infrastructure. An administrator will ultimately be prepared for an attack on the system, rather than trying to defend against a data breach.

About Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org