10 Steps to Cyber Security
The security of an organisation's data is arguably the most important element in a modern IT environment.
In the digital age, data is the lifeblood of business, and the scale of the cyber threats aimed at stealing or otherwise denying access to data is testament to this.
It could be argued that data security today is the primary driver for all other cyber security requirements in organisations, but many organisations do not know how to tackle the problem they face.
The first step in devising a strategy around data security is to understand the data that you hold, identify data that is particularly sensitive, identify data that you do not need to store or can be archived, and assess the potential risks associated with that data – this should have been achieved as part of the risk management step.
Once you understand the risks posed, you can begin to implement appropriate controls to protect the data at rest, for example by implementing access control, encryption, or digital rights management. Transmission of data must also be considered: how will you ensure the data is only accessible by the intended recipients? Digital rights management can help here as well; alternatively, controlling the network paths the data will traverse by use of VPNs may be an option.
Solutions for Data Security
Data Loss Prevention
Data Loss Prevention technologies can also be used to ensure that data and information are classified correctly and that data that should not leave your systems does not leave your systems, be that accidentally or intentionally.
Encrypting and sanitising removable media is another consideration if you allow your users to utilise it.
Identifying your most sensitive data will allow you to prioritise the levels of control you wish to apply to protect it. Using solutions such as SecurEnvoy Data Discovery, Classification, and Protection or Microsoft Purview you can discover the data that is most important to you, classify it and protect it from unauthorised access or release.
As a minimum, MFA should be enabled for any privileged accounts as standard; however, enabling it for users also has its benefits, and MFA solutions are now easy to implement and to educate users on.
Adoption of a zero-trust model is an invaluable tool to effectively control the flow of data within your environment. A zero-trust approach can revolutionise your system and data security: assuming that no person or device should be allowed access until their identity has been established via multiple factors almost guarantees that your data is protected from unauthorised access.
There are a number of different ways to achieve a zero-trust approach. Sophos Zero-Trust approaches it from a network perspective, in a similar way to Cisco Meraki, by establishing the pedigree of a device prior to allowing it access to resources. Microsoft uses its vast eco-system and cloud presence to apply controls to individual files and leverages telemetry from its other solutions, such as Active Directory and Endpoint Manager, to determine whether access should be granted.
Email security is one of the somewhat-simpler elements which again has been around for a long time – since junk email became a thing – but this technology too has undergone quite a radical transformation from what it once was. There are a number of different approaches taken by different vendors and each works well on its own. Microsoft Defender for Office 365, Mimecast and Sophos Web Security, for example, take similar approaches to how they function by looking at content and known junk senders to block content.
Forcepoint, however, have adopted a different approach alongside the traditional email filtering you would expect. Their Content Disarm and Reconstruct (CDR) solution elects to assume every email is malicious and dynamically strips and rebuilds web links with sandboxed links for every single email, making it almost impossible for malicious links to make it through to an inbox intact.
Secure File Sharing
As much as we would like our data to remain safely behind our security measures, collaboration and file sharing are essential components of any organisation's operation. The ability to conduct these activities in a secure and controlled manner is paramount. There are any number of solutions available to provide this facility, some of the more common ones being OneDrive for Business, Microsoft SharePoint, and Egress Collaboration and File Sharing.