En 2017 vimos corporaciones internacionales, figuras públicas, y los individuos por igual se convierten en las principales víctimas de violaciones de la seguridad de datos. Lo más prominente, quizás, fue la filtración de casi 150 million American’s social security numbers by Equifax.
There were also major breaches at Sony, Microsoft, UNC Health Care, e incluso el IRS. While most data security challenges are complex, data leaks and intrusions can often be prevented by a strict data sharing and security policy, and by staying current on new software and system vulnerabilities.
Data Security Challenges for 2018
As data passes through an end-users’ system to the internet or corporate intranets, there are many points at which it can be infiltrated, robado, or otherwise compromised. Malicious code can be deployed at virtually every layer in a system, affecting data security from the point of creation through its entire route of transmission and backup.
New data challenges to watch out for in 2018 incluir cloud security loopholes like improperly configured user access accounts and unencrypted transmission through regular HTTP access. Most cloud and data storage services offer encrypted file transfers through Secure Sockets Layer (SSL) and other secure protocol. Make sure any data storage service you are using offers SSL or other safe means of transmitting your data. This will keep your data safe from new man-in-the-middle attacks being discovered this year. Other new data challenges for 2018 include a host of new vulnerabilities growing out of the expanding options for wireless device access such as Bluetooth hacking.
Data Security Pitfalls to Avoid
While keeping your data secure may sound like a daunting task in recent times, implementing a few solid safety protocols can go a long way in this measure. If your company’s data is accessible by multiple employees or clients, then you’ll want to create a hierarchy of access. This is the same principle used by governments and major corporations to prevent lower-level employees from accessing and leaking company information. FTP access controls are simple to setup with nearly any cloud or web host, as are user account controls on local machines and other system software.
Leaving the default settings in place on any device or system you’re installing can also land you in hot water. When setting up a new data storage device or drivers, or intranet-connected device such as security cameras and routers, be sure to adjust the default settings to meet your specific data security needs. Default usernames and passwords for administrator accounts should be changed during installation of any new network device, and network access restrictions like time periods and MAC address filters should be set up before any new equipment connects to your network.
Tips for Keeping Your Data Secure in 2018
Choosing the appropriate storage environment for your data can make all the difference in keeping your information secure and private. Many companies are using cloud or web server based hosting to keep their data physically safe off-site. This is a great practice if you’re not set up to store tons of data in a physical server room. Choose a storage provider with a valid SSL certificate and clear definitions in their terms of service as to what security measures they take.
Disable all non-essential or unused access methods to any data-storing devices on your network. Physically or digitally turn disable any USB port that you don’t plan to use to avoid USB device attacks which commonly target unwitting employees and end-users. Machines that don’t require internet access should have their network cards and wireless adapters removed to prevent malicious and accidental data transfer.
Consider purchasing access to a reputable Virtual Private Network (VPN) service for everyone who has access to your data. VPNs can prevent snooping based attacks and other transmission-related intrusions and theft of valuable data. VPNs work by encrypting the channel through which your data is sent and received, and can protect your identity and credentials from other with access to the network your using.
While data security challenges are growing in 2018, choosing trustworthy storage companies and implementing security policies for all end-users and machines in your company or home will keep your data safe from most attacks. Consider investing in a VPN for added security, and making use of encrypted storage and transmission protocols like SSL.
Nota del editor:
De vez en cuando, SensorsTechForum cuenta con artículos de la huésped de la seguridad cibernética y los líderes infosec y entusiastas como este post. Las opiniones expresadas en estos artículos como invitado, sin embargo, son exclusiva responsabilidad de su autor que contribuye, y pueden no reflejar las de SensorsTechForum.