Data Breach Monitoring
April 01, 2020
What is a Data Breach?
A data breach comes as a result of a Cyber Attack that allows Cyber Criminals to gain unauthorized access to a computer system or network and steal the private, sensitive, or confidential personal and financial data of the customers or users contained within.
Common Cyber Attacks used in a Data Breach comes from many forms or End-User errors that includes downloading something that brings along Spyware (aka Malicious Software), going to unsecured websites and filling out forms, connecting to unsecured networks and entering confidential information such as usernames and passwords, clicking on a link inside of a spam email or simply responding to a rouge email that looks real (aka Phishing Email) before realizing that it did not come from the actual person that they thought it came from.
How do Data Breaches happen?
Virus or Malicious Software is a type of attack that takes advantage of software using bugs or vulnerabilities, which Cyber Criminals use to gain unauthorized access to a system and its data. These vulnerabilities lie hidden within the code of the system and it’s a race between the criminals and the Cyber Security researchers to see who can find them first. The criminals, on one hand, want to abuse the exploits while the researchers, conversely, want to report the exploits to the software manufacturers so the bugs can be patched. Commonly exploited software includes the operating system itself, Internet browsers, Adobe applications, and Microsoft Office applications. Cyber Criminal groups sometimes package multiple exploits into automated exploit codes that make it easier for criminals with little to no technical knowledge to take advantage of exploits.
Non-Updated Operating System is a type of attack that exploits weaknesses in the Operating System not receiving regular updates. Here’s how it works. A Cyber Criminal finds a vulnerability in the Operating System and enters malicious code into software that has become installed automatically onto a Server or Workstation through many forms of the possibilities of using the internet. Performing regular updates of the Operating System, using a Firewall, using Anti-Virus Software such as Webroot, using Anti-Malware Software such as Malwarebytes and other like programs.
Phishing attacks work by getting an End-User to share sensitive information like our usernames and passwords, often against normal logic and reasoning, by using social engineering to manipulate our emotions, such as greed and fear. A typical phishing attack will start with an email spoofed, or faked, to look like it’s coming from a company you do business with or a trusted coworker. This email will contain aggressive or demanding language and require some sort of action, like verify payments or purchases you never made. Clicking the supplied link will direct you to a malicious login page designed to capture your username and password. While emails are the most common form of phishing attack, SMS text messages and social media messaging systems are also popular with scammers.
How to help limit Data Breaches...
There are many ways to help limit a Data Breach. Nivek Group practices the following suggestions and tries to push that on to all Clients and their End-Users (along with to their friends).
- Use strict, hardcore passwords
- 8 or more characters
- Use a combination of words together that someone would not think you would use
- Contains a combination of Capital Letters, Lower Case Letters, Numbers and Special Characters
- Change the password approximately every 45-90 days
- Do not repeat passwords from one service to another service, use different passwords for the many different accounts we utilize
- Only track your passwords into applications that is stored to your device/computer or a local server on your network and is not a Cloud Service. As an example, KeePass and Password Manager Pro are good examples
- .. as always, and many more ideas …
- Monitor Account Logins / Access:
- From time to time, check your login connections to confirm that they are your devices
- Verify that the any activity on the account is something that was performed by you or your team
- Review Emails and Letters carefully and thoroughly:
- Review all Emails and Letters received to confirm the verbiage that matches the matter at hand
- Review the request it is asking for to perform to make sure it is something that the person/company would actually ask for you to confirm
- Review the authenticity of the Email or Letter to confirm that it actually came from who it says it came from
- Enable Multi-Factor Authentication, Two-Factor Authentication (MFA/TFA/2FA):
- If the web portal access allows a Multi-Factor or Two-Factor Authentication for logging into, it is highly recommended to that you utilize this service feature
- Practice Data User Access Control:
- If you are able to store the data on a separate data storage device with user access control
- Each user that needs to access the data has their own Username and Password
- Reset the password on a regular basis
- Grant a separate access login for users that require Admin access to be able to use that access only when they need to utilize that Admin access
- Practice Data Storage on Separate Networks / Drives / Devices:
- When possible, store the data on a separate network from the network that is used as the primary network
- If your company only has one network, store the data on separate drive connected to the network rather than saving to your local hard drive
- If your company does not have multiple networks or a network drive, practice storing the data a removal drive that is only accessible when needed
- … and more …
- As always, there will always be more steps that one can take to help prevent Data Breaches as this is only a partial list of suggestions due to there is no complete full list resulting in the new Data Breaches are always being formed on a daily basis
How does Nivek Group help prevent Data Breaches?
When you sign Nivek Group on as your Managed IT Provider and utilize us for all of your IT requests, regardless of how small the task may be, we use all of the above listed suggestions as much as possible. We understand that not all options will be available for all Clients and infrastructure; however, Nivek Group will do their best to implement the highest level of each suggestion as possible.
Nivek Group will monitor Firewall connections and logs as well as Email logs to confirm that everything is on he up and up. You never know when this will come in handy!