It’s every business leader’s worst nightmare:
You think everything is running smoothly, and then out of the blue, you receive word from your security team that your company’s network has been successfully breached by a hacker — potentially exposing troves of sensitive customer records, trade secrets, and internal communications to the public.
Part of what makes this type of security incident so terrifying is that the results are entirely unpredictable. There are a number of negative consequences that could arise in the days, weeks, and even years after an initial breach. In most cases, the larger the data breach, the longer the recovery will be. Target’s massive 2013 data breach, for instance (which impacted 41 million consumers), remained unresolved until earlier this year. Back in May, it was announced that the company will have to pay $18.5 million in damages.
As you can see, financial losses from data breaches can be astronomically large. According to a new study, the average cost of a breach is now up to $4 million, or about $158 per lost or stolen record. This is a 29 percent increase from 2013, which is around the time when the data breach epidemic became a widespread concern.
As we explained in a recent article, there are both direct and indirect costs associated with data breaches. Direct costs may include things like notifying customers, attorney fees, litigation, and technical investigations. Hidden, or indirect, costs may include the loss of revenue from lost contracts, the devaluation of your company name, insurance premium increases, and more.
So, what can you do to protect your business? You can’t prevent hackers from targeting your network. And you may not even be able to prevent every attack that comes your way. But you can take control over how your organization plans for attacks and responds to them when they occur.
In our previous article, we mentioned some top ways to maintain secure communications, including using proactive software assurance, blocking attacks at the network and host level, eliminating security vulnerabilities, supporting authorized users, and using tools to manage security and maximize effectiveness.
Here are three more specific things you can do:
Mobile Device Management (MDM)
In recent years, bring your own device (BYOD) has emerged as a popular business trend. Many companies now allow, and even encourage, employees to use their own personal mobile devices for work purposes.
BYOD is great from a productivity standpoint. However, it can expose your business to countless security risks if you fail to take the proper precautions. For example, a problem called shadow IT can arise when management loses track of the devices that are being used across an enterprise, and the data that they are harboring.
Mobile device management (MDM) involves centralizing data storage, so that employees can easily access information on their mobile devices — but securely, and in cooperation with the IT department.
Use A Cloud Access Security Broker (CASB)
Early detection is one of the most important things you can do to prevent a data breach. The earlier you detect an intruder on your network, the faster you can take action. Many hackers bank on gaining silent entry into a network, camping out and waiting for the right time to release an attack.
A cloud access security broker (CASB) is a tool that you can place between your on-premises hardware and your cloud provider’s hardware, and that allows you to apply your own security policies on another network. CASBs can be used to immediately identify suspicious account logins, data dumps, and other nefarious actions. This is another tool that should be used to support distributed workforces.
Enforce Multifactor Security
There are a variety of new technologies that can be used to fortify employee and customer accounts during logins. These include voice biometric identity verification, facial scanners, and fingerprint scanners. All of these technologies can be used to keep unauthorized users out of your network.
Most of these new technologies can be layered on top of one another. This strategy is called multifactor authentication (MFA). For example, you may ask customers to use a voice scanner alongside a traditional identity verification solution like passwords or security questions. The hope is that if one system should fail, there will be another step that the user will have to get right to access the account.
Summing Up Secure Communications Best Practices
When it comes to the security of your business, employees, and customers, finding the right combination of security measures and policies is paramount. Your choices for secure communications may depend on the data you collect, industry regulations, or level of complexity within your business. Understanding what you're up against and how to safeguard against it will help your business prepare for and avoid disaster, giving you peace of mind.