4 Steps to Help With Data Protection and Compliance
The protection of personal data has never been more important for organizations, but many still lag behind with securing that data. With compliance regulations such as HIPAA, PCI and GDPR top of mind for many, are organizations ensuring that personal data is protected at the organizational level? For companies both large and small, we've outlined four steps organizations can take to begin assessing personal data.
1. Define Protection of Personal Data
In May 2016, we discussed why real-time security detection matters in 6 warning signs of a Data Breach in Progress. This article notes the places within an organization's network that should raise a red flag, or concern for a business. The six signs of a data breach in-progress include:
- Critical File Changes
- Obvious Device Tampering
- Locked User Accounts
- Unusually Slow Internet or Devices
- Abnormal Admin User Activity
- Unusual Outbound Traffic
As noted by Luke Irwin, US companies take an average of 206 days to detect a data breach, and the cost associated with this time frame is close to $6 million.
As the General Data Protection Regulation (GDPR) deadline looms in the near future, US companies are now forced to acknowledge that GDPR compliance is happening, and as noted by NY times, how the bigger companies handle the GDPR in general may dictate or have influence on the future practices of smaller or even medium-sized organizations. This also leads to speculation regarding if there will be an influx of companies "coming clean" prior to May 2018, as the Uber cover-up in 2017 created vast headlines.
2. Identify Data Compliance Standards Needed
Data breaches are a large concern for organizations, and data protection is top of mind for many. There is not a one-size-fits all for data compliance standards and the regulation correlating to each compliance, however as previously discussed with PCI DSS compliance, there are areas of concern that should be monitored, as they can introduce significant risk for a data breach to occur. Though these areas below are specific to PCI compliance, many are applicable for other regulatory compliancies.
- Testing Security Systems
- Maintaining Security Standards
- Policy Creation
- Tracking and Monitoring Network Access
- Practice Access Governance
3. Identify Network Vulnerabilities
With the latest Ponemon survey reporting that 67% believe their companies are more likely to fall victim to a data breach or attack in 2018, something has to give. Simple mistakes can undoubtedly cause large errors.
Application Security and passwords
Recognizing the potential for exploits with applications and implementation of comprehensive security testing can help. Organizations may want to ensure that DevOps practices on internal application security are not only implemented, but followed as well. Passwords, passwords, passwords. This is an instance where "recycling" is not recommended, or good for an office environment.
Identity management tools can be used for account access, and a policy-based administration requiring password requirements can solve an organization's password dilemma.
Data Backup and Tracking
Do you have a good backup? Restoring files to an original state is not something organizations should wonder about. An IT team should not only have the ability but should be able to test the practice of file and system restoration. For tracking purposes, audit logs are needed for PCI, SOX and other compliance regulations. Modifying logs can hurt a company's data and increase the risk of a breach. Financial implications can arise when security practices are not in place. Many organizations have begun to implement change control as part of their security policy.
Excessive Access and Workstation Security
This section should really be entitled excessive access, security, and people. With the "lack of competent in-house staff being the top threat CISO worry about most in 2018 reported as 70 percent, organizations may need to focus more on people, and not only the endpoints those people touch, but the data endpoints as well.
Recent findings from LastPass and Ovum research reveals that close to 80 percent of IT executives based in the Asia-pacific do not have the ability to control access to cloud-based apps used by employees.
Additionally, if workstations are not configured to lock after inactivity, or access from third parties is not prevented when incorrect password attempts occur, sensitive data and personal identifiable information (PII) can be obtained. Stopping a security breach at the workstation can be implemented with the right software.
4. Identify Software Solutions for Data Protection
With 1 million new variants of malware created on a daily basis, being unwilling to properly budget for the best options in enterprise security software is no longer acceptable. Richard Henderson recently commented that "we are entering a new period of regulatory enforcement of cybersecurity-related issues".
Looking at infosec objectives and their relation to the GDPR, PCI DSS, HIPAA, NERC, FISMA, and GLBA regulations and being able to identify security threats with file integrity monitoring (FIM) software will enable organizations to help secure their enterprise.
File integrity monitoring not only protects data and critical systems, but it also:
- Detects changes to applications, files, routers, servers, databases, and other network devices within the IT infrastructure
- Captures complete details of each change
- Helps identify if change is a security risk or not
- Remediates change to original baseline when change attempts are made
As organizations need to control and monitor what changes occur, knowing what software can help with that task is just as much of a need. Learn more about FIM with our Definitive Guide to File Integrity Monitoring today.
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".