Steps to Detect and Prevent Security Breaches
Five actions that CIOs and CTOs can take. . .
One of the greatest assets of the vast majority of organizations consists of digital bits of information, not their physical holdings. Increasingly, data stored in databases, file management systems, flat files, spreadsheets, and other information storage formats is the linchpin for enterprise success. Intellectual property, transactions, and records to name a few are fueling business because that information is the currency upon which business operations function. Organizations are creating and using data at an unprecedented level, as represented in the demand for storage capacity.
According to independent studies, the annual capacity growth rates for the storage of data within enterprises grew 47% in 2008. The creation and processing of critical information won't let up anytime soon. Mandates for electronic health records and smart utility grids are just a few examples of what will accelerate the information explosion in the years ahead. Businesses have become more dependent on information. The gathering, organizing, managing, finding, and analyzing of information are now crucial to most businesses. Information manipulation can make a business more flexible and better able to address emerging business trends. As information usage proliferates among more and more users, organizations must deliver data to only those who require it for their jobs. Data accessibility, to authorized users, is at the heart of business processes. The proper management of the data is the purview of databases.
As the value of information collected, organized, manipulated, and analyzed grows, so do the threats to that data. Any organization with sensitive personal or financial
data represents a potential target. New attack vectors are aimed at siphoning off the critical data while avoiding detection. Criminal elements are conducting targeted
attacks on the "information business jugular" of financial assets, sensitive proprietary data, or resalable personal data. Authorized insiders also contribute to data breaches by either intentionally taking data or inadvertently releasing data.
How do you defend against system attacks and security breaches? Janco Associates has defined a set of steps that enterprises of all sizes can follow to help to achieve a safe and secure computing environment. The steps that CIOs and CSOs should follow are:
- Access the network and computing environment - Have an inventory of all devices, accesses points, security protocols, encryption levels, programs, and users. This inventory should have limited distribution and should be reviewed and updated frequently (at least quarterly).
- Conduct in-depth system and network security audits -Test and validate that only the authorized items are running on the systems and network. Create and review in-depth logs files to monitor compliance to security protocols, violation alerts, and actions taken.
- Establish network access rules that allow on valid access - Close all un-used ports on routers and disable all unused user ids and passwords. Implement a "two-factor" authentication and encryption process for all sessions. Require all users to use "two-factor" authentication. On the third authentication violation within a specified period, disable the device, port, or user from the system and network.
- Mechanize and retain detail logs - Record everything possible including dates with full timestamps and implement firewalls that minimize inbound attacks. Review these logs in detail daily and report at least weekly to the CIO or CSO the types of issues that occur.
- Assume someone is attacking you now - Use the logs in a comparative way to see differences between prior periods and the current period to identify how someone could be getting into the system and network. Have outside third parties try to break in - see if you can identify and block them.
The Security Manual Template can be acquired as a stand alone item (Standard) or in the Premium or Gold sets:
Security Manual Template - Standard Edition
- Business and IT Impact Questionnaire
- Threat and Vulnerability Assessment Toolkit
- Security Management Checklist
- Full Detail Policies for
- Blog and Personal Website Policy
- Internet, Email, Social Networking, Mobile Device, and Electronic Communication Policy
- Mobile Device Policy
- Physical and Virtual File Server Policy
- Sensitive Information Policy
- Travel and Off-Site Meeting Policy
- Job Descriptions for the Chief Compliance Officer, Chief Security Officer, Data Protection Officer, Manager Security and Workstations, Manager WFH Support, Security Architect, and Systems Administrator.
- Work From Home (WFH) operational rules
- HIPAA Audit Program
- GDPR Compliance Checklist to meet EU Requirements
- CCPA - California Consumer Privacy Act requirements definition
- Consumer Bill of Rights
- Sarbanes Oxley Section 404 Checklist
- Security Audit Program- fully editable -- Comes in MS EXCEL and PDF formats -- Meets GDPR, ISO 28000, 27001, 27002, Sarbanes-Oxley, PCI-DSS, HIPAA FIPS 199, and NIS SP 800-53 requirements -- Over 400 unique tasks divided into 11 areas of audit focus which are the divided into 38 separate task groupings
- Electronic forms that can be Emailed, completed via a computer or tablet, and stored electronically including: Blog Policy Compliance, BYOD Access and Use, Company Asset Employee Control Log, Email - Employee Acknowledgment, Employee Termination Checklist, FIPS 199 Assessment Electronic Form, Internet Access Request, Internet Use Approval, Internet & Electronic Communication - Employee Acknowledgment, Mobile Device Access and Use Agreement, Employee Security Acknowledgment Release, Preliminary Security Audit Checklist, Risk Assessment, Security Access Application, Security Audit Report, Security Violation Reporting, Sensitive Information Policy Compliance Agreement, Server Registration, and Threat and Vulnerability Assessment
- eReader version of the Security Manual Template
Security Manual Template - Premium Edition
- Security Team Job Descriptions MS Word Format
- Chief Compliance Officer (CCO); Chief Security Officer (CSO); VP Strategy and Architecture; Data Protection Officer (DPO); Director e-Commerce; Database Administrator; Data Security Administrator; Manager Data Security; Manager Facilities and Equipment; Manager Network and Computing Services; Manager Network Services; Manager Training and Documentation; Manager Voice and Data Communication; Manager Wireless Systems; Identity Management Protection Analyst, Information Security Analyst, Network Security Analyst; System Administrator - Linux, System Administrator - Unix; and System Administrator - Windows
Security Manual Template - Gold Edition
- IT Job Descriptions MS Word Format - Updated to meet all mandated security requirements
- 312 Job Descriptions from the Internet and IT Job Descriptions HandiGuide in MS Word Format including all of the job descriptions in the Premium Edition. Each job description is at least 2 pages long and some of the more senior positions are up to 8 pages in length.