A security breach is an act from an outside organization that bypasses or contravenes security policies, practices, or procedures. A similar internal act is called a security violation (businessdictionary.com).
While a security breach can seem imminent at times, there are ways to avoid IT security breaches within a company. Take a look at 10 simple measures to help protect your organization from Michael Kassner of Tech Republic.
10 ways to avoid IT security breaches:
Change default passwords – many devices and applications are protected by default passwords, which can be found in a web search by an attacker
Don’t reuse passwords – attackers are aware that it is easier to reuse username and password combinations, so once obtained, they will likely try it on all of your accounts
Disable user accounts when an employee leaves – security breaches are easier to pull off when the attacker has inside information (make sure to disable all accounts whether the employee leaves under amicable terms or not
Examine security logs – reviewing security logs daily can alert security personnel of things such as login failures and unwanted login attempts
Do regular network scans – network scans allows the administrator to find rogue equipment on a network as well as detect security vulnerabilities in the network
Monitor outbound network traffic – suspicions should be raised when the number of outbound connections or the amount of traffic deviates from the normal baseline operation
Patch and update regularly – keeping operating system and application software up to date is the best way to foil breach attempts from outside the network’s perimeter (Internet)
Implement a security plan – a security plan is invaluable for the following reasons: First, everyone is working off the same playbook, which provides continuity; second, when the organization is in panic mode, the security plan will provide solutions developed at a time when everyone was less anxious
Raise user awareness about information security – it is important to train users to be able to function on the Internet securely
Get upper management to buy in – ensure that your upper management understands the importance of security policies and purchasing required technology
In addition to taking security measures for your business, individual employees can also take action follow simple steps in defense of a breach. As an employee, you have a crucial role in the security of your company, whether you know it or not. A company cannot be secure without the help of every single employee. Below are some tips that you can follow in order to help your company avoid a security breach:
Stay informed
If you do not understand or are not sure, ask
Follow your company’s password policies and DO NOT reuse passwords, write down passwords, or share passwords under any circumstance
Create strong passwords consisting of capital letters, lowercase letters, special characters, numbers. Some examples include: Mu5+hAv32s33!, 33thr33;trEEs!, L0v3Ev3r,HuR+NeVeR
NEVER use passwords less than 8 characters
Reset your password as prompted every 90 days
Follow your company’s security and clean desk policies
Pay attention during training sessions and be sure to ask any questions that you might have
Dispose of any confidential and/or restricted data properly as defined by your company’s classification policy
Do not open suspicious emails
Ensure proper validation of one’s identity is obtained before releasing ANY information