{"id":15065,"date":"2015-05-07T19:52:11","date_gmt":"2015-05-07T19:52:11","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=3925"},"modified":"2020-12-17T04:17:20","modified_gmt":"2020-12-16T17:17:20","slug":"a-cybersecurity-breach-prevention-recommendations-for-enterprises","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/a-cybersecurity-breach-prevention-recommendations-for-enterprises\/15065\/","title":{"rendered":"A cybersecurity breach prevention: recommendations for enterprises"},"content":{"rendered":"

In one of our earlier posts we discussed the primary reasons why cybersecurity breaches happen.<\/a> Now, what shall we do to prevent said cybersecurity breaches?<\/p>\n

It\u2019s easy to advise businesses to \u201csimply remove all reasons for the breaches\u201d- store passwords securely, don\u2019t use easy-to-guess combinations, update your software often, protect mobile devices, and make sure you have a strong security policy.<\/p>\n

While all great advice, these suggestions mean nothing without being concretized.<\/p>\n

So what can we do to DISALLOW security breaches? Here are just a couple of recommendations.<\/p>\n

A cybersecurity breach prevention recommendations for enterprises. #enterprisesec<\/p>Tweet<\/a><\/blockquote>\n

Generally speaking: Call for responsibility<\/strong><\/p>\n

Concretized: employees should submit their mobiles to IT for installation of corporate security tools<\/em><\/p>\n

Corporate employees today have more possibilities with their working devices than ever- before laptops became omnipresent and smartphones were commonplace, IT workers only had to care about protecting working endpoints and servers. It was up to the individual employees to decide how to secure their home desktops.<\/p>\n

This is no longer the case. Many companies have adopted a BYOD (or bring your own device) policy, making employees\u2019 personal devices a \u201cvolatile\u201d part of the corporate infrastructure, coming in and out of the office sometimes several times a day. Personal smartphones and tablets are used to store working data, both personal and corporate passwords, and other sensitive information. So, it is troubling that mobile protection often lags behind.<\/p>\n

\"wide1\"<\/p>\n

What else can we do to minimize the chances of a breach? Take a look at our practical guide<\/a>!<\/em><\/p>\n

Today, employees have more freedom than ever before \u2013 and that means they need to take more responsibility for their own safety than they may have done in the past.<\/p>\n

It is highly recommended that IT departments extend their corporate-level protection to employees\u2019 personal devices, but it is only possible if the employees are proactive about bringing their personal devices to the IT department\u2019s attention.<\/p>\n

In a nutshell, employees should be made aware that their company\u2019s security policies extend to their personal devices as soon as they begin using them for work matters, and that securing company data is a paramount task for their IT department. This task is impossible to successfully complete without the employees\u2019 taking personal responsibility and cooperating.<\/p>\n

Generally speaking: Plug the holes and automate everything <\/strong><\/p>\n

Concretized: Identify the weakest points in your infrastructure, and use a \u201cmulti-barrel gun\u201d of security solutions with vulnerability scanning, patch management, and application control functions.<\/em><\/p>\n

Plugging the holes in your infrastructure is a time-consuming, but necessary evil. First of all, it is important to identify where the weakest point of the entire chain is, i.e. where your network and data can be compromised. This is exactly what hackers do \u2013 why not think ahead of them?<\/p>\n

Do you have software vulnerabilities? \u2013 Okay, which ones? Has Microsoft Office\/Word been updated? -Yes. How about Oracle Java? Updated last week \u2013 Okay. Or no? How about Flash? \u2013 New updates are available. Applying\u2026 done. Now, what else? Ah, there\u2019s Windows update. Then there are employees\u2019 mobiles\u2026what a chore.<\/p>\n

Hopefully the patch management tools are in place, patching everything by hand is a torture and a huge waste of time.<\/p>\n

\"wide2\"<\/p>\n

Diminishing the attack surface may seem a chore, but there are practical approaches to make things less time-consuming. For more hints and tips take a look at our Practical Guide<\/a>.<\/em><\/p>\n

Okay, we succeeded; this \u201cchain link\u201d is strengthened, and known holes have been plugged. If there are unknown issues, vulnerability scanners are a go, as well as application control that would limit the possibility of dangerous behavior in the software used.<\/p>\n

With tons of software used within a company, automation and application control is a necessity, although according to Kaspersky Lab\u2019s 2014 Global IT Risks Report, only 58% of companies in the world has it implemented in full.<\/p>\n

Generally speaking: Prevent rather than react<\/strong><\/p>\n

It is way smarter and less expensive to safeguard your business infrastructure from future attacks rather than reacting and mitigating post-incident. <\/em><\/p>\n

Disasters happen; every company in the world can be sure that it will be targeted \u2013 if not today, then tomorrow. We already know most of the routes bad guys slither in through: software vulnerabilities (both PCs and mobiles are affected), weak passwords, phishing, unsafe use of mobile devices (such as accessing sensitive data via unprotected public networks), etc. Altogether these tactics are often called the \u201cattack surface\u201d, and diminishing this surface is exactly what a \u201cgood security policy<\/a>\u201d entails.<\/p>\n

It\u2019s crucial to remember that everybody makes mistakes \u2013 even the smartest people can yield to a silly phishing message \u2013 and timely patching may not help against the narrowly targeted cyberattack that uses a zeroday.<\/p>\n

Diminishing the #attacksurface is exactly what \u201cgood security policy\u201d is. #enterprisesec<\/p>Tweet<\/a><\/blockquote>\n

But by always keeping the possibility of an attack in mind, as well as strengthening the weakest links with the robust and multifunctional security software available, businesses have the capability to prevent bad things from happening, rather than having to react once it\u2019s too late. Prevention shouldn\u2019t be underestimated as an effective course of action; it is always less expensive than recovering from a successful attack post factum.<\/p>\n","protected":false},"excerpt":{"rendered":"

Personal smartphones and tablets are used to store working data, both personal and corporate passwords, and other sensitive information. So, it is troubling that mobile protection often lags behind.<\/p>\n","protected":false},"author":209,"featured_media":15682,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,2994],"tags":[2082,101,2023],"class_list":{"0":"post-15065","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-enterprisesec","10":"tag-application-control","11":"tag-mdm"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/a-cybersecurity-breach-prevention-recommendations-for-enterprises\/15065\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/a-cybersecurity-breach-prevention-recommendations-for-enterprises\/15065\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/a-cybersecurity-breach-prevention-recommendations-for-enterprises\/15065\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/enterprisesec\/","name":"#EnterpriseSec"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/15065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=15065"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/15065\/revisions"}],"predecessor-version":[{"id":28615,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/15065\/revisions\/28615"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/15682"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=15065"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=15065"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=15065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}