With over half of employees indicating they would consider quitting their jobs after a cyberattack, the emotional repercussions of a data leak are seemingly significant.
Arguably, it is important for employers to equip their staff with best practices to protect both personal data and company information.
Picking up on this approach, the firm Indusface has outlined strategies for employers to safeguard their employees and businesses from the impacts of major data breaches and leaks as well as uncovering the companies that have experienced the largest data breaches.
Venky Sundar, Founder and President of Indusface, has explained to Digital Journal about key tips to shield a business from data leaks and breaches.
These are:
Encrypt sensitive data
Ensure that all sensitive data, both in transit and at rest, is encrypted to prevent unauthorised access.
Implement strong access controls
Limit access to sensitive information based on roles and enforce multi-factor authentication for added security.
Regularly update software
Keep operating systems, applications, and security tools updated to patch vulnerabilities that could lead to data breaches. If a software update breaks systems, deploy virtual patches on the web application firewall as an emergency measure. After that you could prioritize software updates in later dev cycles.
Conduct employee training
Educate employees on data security best practices, phishing threats, and the importance of handling sensitive information properly.
Monitor network activity
Use intrusion detection and prevention systems to monitor network traffic and alert you of any suspicious activity.
Backup data regularly
Maintain secure, encrypted backups of critical data to minimise damage in the event of a breach or ransomware attack.
Enforce strong password policies
Require complex passwords and regular updates to reduce the risk of unauthorised access.
Conduct regular security audits
Perform internal and external audits to identify and address any security gaps or vulnerabilities in your systems.
Monitor zero-day threats
Every month hundreds of new SQLi vulnerabilities are found. Monitor these and deploy the patches. If patching needs to be delayed, deploy application specific virtual patches on the WAF layer.
Create a mobile device action plan
To safeguard sensitive data on mobiles, require users to set strong passwords, encrypt data, and install security apps. Additionally, implement clear reporting procedures for lost or stolen devices.
Secure Wi-Fi networks
Ensure your workplace Wi-Fi is secure, encrypted, and hidden. Disable SSID broadcasting and password-protect the router for added security.
Indusface based their findings on recent data breaches, examining data from haveibeenpwned.com.