Data center security tips
Data breaches have become more common as more companies use the cloud to conduct day-to-day business operations. Just last year, for example, one of the country’s biggest credit report companies, Equifax, announced the personal information of potentially 143 million U.S. citizens had been accessed by hackers between mid-May and July. As data breaches continue to make news headlines, consider keeping the following tips in mind.
Multiple layers of security
One way to help deter sophisticated hackers is to apply multiple layers of security. Firewalls, for instance, can be used to shield a network from external threats, with additional server-level and application-level protection in case the firewalls fail. Having a physical security program is equally important to help protect against physical forces, such as natural disasters.
Encryption is another way to help secure data, which involves converting data into code that is otherwise intelligible to the naked eye. This can help protect data from being accessed by unauthorized users. While details remain about whether it is better to encrypt data before or after it is sent to the cloud, it is much better to protect sensitive data with encryption than to leave it in plain text for anyone to read.
Third-party security practices
It is also important to ensure third-party services that have access to sensitive information abide by various security practices. For example, last July, Nice Systems, a third party analytics provider, accidentally exposed as many as 14 million Verizon customers data for an unknown amount of time the month before. The leak was the result of an Amazon S3 server that was set to “public.” While the leak was the result of a Nice Systems employee, Verizon was doing its share of damage control.
Many software code vulnerabilities can often be patched, but go unnoticed on account of failing to conduct a risk assessment. After a risk assessment is conducted, appropriate patches can be applied to vulnerabilities in the software code, depending upon their severity. Although applying patches takes times and resources, they are essential to network security. Otherwise, hackers might exploit the vulnerability.
Protect against internal threats
Many data breaches are often the result of a security incident within the data center, whether intentionally or unintentionally. In the 2016 Cyber Security Intelligence Index, IBM discovered that 60% of attacks were carried out by insiders. Among these attacks, three-quarters involved malicious intent, while one-quarter involved inadvertent insiders. Companies can take measures against breaches from the inside by regulating what sort of files can be downloaded and shared by employees, and ensure staff have strong passwords.