The year 2017 was marked by many events in the world of information security. The most emphatic was May 12th and the ransomware attack with WannaCrypt, in which thousands of companies and organizations around the world were affected, in addition to several other waves of attacks worldwide.
These events showed how vulnerable the corporate world is when it comes to information security and reaffirmed the need for investment in preventing cyber attacks and protecting corporate data. Unfortunately, information security is not yet a priority: most companies do not have policies for the use of technology and the internet, prevention procedures, or efficient controls to manage vulnerabilities and mitigate risks and losses in the event of an attack.
The sequence of attacks also highlights that the market must consider the expansion of cybercrime, especially in the form of ransomware, whose use of cryptocurrencies for payment makes it difficult to track and identify the criminals.
Of course, with the security incidents and financial losses they caused, many lessons have already been learned and even proven. The main one is that no company is 100% secure, as attack methods are constantly changing and vulnerabilities are found in the most varied places, including the users themselves. Another lesson concerns the value of company information and the need to protect data regardless of the size of the organization: large corporations and small companies alike can suffer huge losses or simply stop operating without access to their business data and systems.
This scenario is nothing new either; organizations and companies in the field constantly reinforce the need to pay greater attention to cybersecurity. Creating policies that prevent incidents, guide users and protect infrastructure and corporate information is much more than a trend; it is now an urgent necessity.
Fortunately, some changes are already being noticed and will gain strength in 2018. According to Gartner, investment in information security will grow 8% this year. One trend that stands out is the need for continuous prevention measures, monitoring how risks and forms of attack evolve. Investing in infrastructure or security systems is not enough: without monthly and even daily monitoring and updating, any solution can become ineffective or obsolete within a few days.
Although it is practically impossible to be completely protected, adequate planning and properly executed measures can prevent many problems. To assist in this planning, we have listed some points and trends on which your company should focus its attention and investment in information security:
Start by guiding users
A survey carried out by PwC found that 41% of security incidents in Brazil originate from the company's own employees, above the global average of 35%. Another survey, carried out by Intel, showed that only 3% of users are able to identify a phishing attempt.
Given users' lack of knowledge and attention, practically 4 out of every 10 incidents occur because of users' misuse of technology and internet resources, for example by clicking on fake email messages or unknown links on dubious websites. A simple error like this can open the door to the installation of viruses or ransomware on the company's network.
Therefore, guiding and training users so that they can identify risks and use the internet safely is essential. Users also need to understand their responsibility regarding the use of technology and the losses that possible incidents cause; with that understanding, they will use corporate resources more responsibly.
Security and antivirus systems (always updated)
A good antivirus system is one of the most effective ways to prevent and combat attacks against the corporate network and company information. For more reliable protection, it is recommended to acquire a good antivirus system that offers technical support and daily updates.
At the network level, it is also recommended to have a firewall in the corporate network, which makes it possible to enforce blocking rules between the internet and the company's internal network. Likewise, it is important to keep these systems properly updated so that they can block the attacks that appear daily in different forms.
Policy for use of technology resources
Nowadays, the use of technology and the internet is part of employees' daily lives in the workplace, with the use of computers, smartphones, management systems, emails, internet browsing and many other activities.
Because technology and the internet are so broad and so present, it is necessary to define how these resources may be used in the workplace. For example, plugging a personal flash drive carrying a virus into a company machine can contaminate the entire network, and accessing gaming or pornography websites at work, which often contain links to harmful sites, can open the door to cyber attacks.
Management and control of internet use
The internet is the main gateway for security incidents and breaches, which can occur in countless ways. For example, it is not uncommon for a user to click on a link in a fake message in corporate email, which directs them to a harmful website, which in turn silently installs a virus on the user's machine. With the virus installed and combined with other vulnerabilities, such as the use of weak passwords, it is possible to gain access to the company's internal network, servers and corporate data. This is the mechanism of most cyber attacks.
In this example, access to harmful websites could have been prevented with web filtering tools, which can identify these risks.
Regarding internet use, it is also important to educate users about the risks of the network; any error or lapse of attention can leave the company vulnerable to attack. To do this, you can create a document with rules and guidelines on internet use, communicating the company's policy on the use of the network.
Secure password policy
It is estimated that 90% of passwords are vulnerable and could easily be discovered by specialized systems.
Considering that the password is the main means of proving a user's identity and protecting access to banking systems, management systems, email accounts, social networks and many other systems, it is very important to follow some tips and recommendations when creating and managing passwords.
Data backup
Maintaining one or more copies of all company data is essential. Try to imagine your company suffering some type of attack or losing all of its corporate data in some way (spreadsheets, system databases, customer and sales data, emails, etc.); the losses would certainly be immense.
Unfortunately, thousands of companies in Brazil have already experienced this situation with ransomware attacks (data hijacking). If your company does not have a copy of the information, it may be left in the hands of criminals, having to pay to access the data, with no guarantee that the data will be recovered intact.
Nowadays, with cloud resources, keeping up-to-date copies has become very accessible and practical. Here are some points that must be evaluated for a good backup policy:
- frequency: monthly, weekly, daily, hourly?
- retention period: keep weekly copies for 10 weeks, daily copies for 30 days?
- level of each backup: full, differential, incremental?
- media or storage location: in the cloud, external hard drives, tapes?
- data source: files, spreadsheets, documents, databases, emails?
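As an added example (not code from the original article), the retention rules above can be turned into a pruning job: the policy "daily copies for 30 days, weekly copies for 10 weeks" decides which snapshots to keep, and a separate check flags any week in which no backup ran at all, the failure mode that retention alone cannot protect against. The reference date, the retention parameters and the list of snapshot dates are constructed for the example.

```python
from datetime import date, timedelta

DAILY_RETENTION_DAYS = 30     # keep every daily copy for 30 days
WEEKLY_RETENTION_WEEKS = 10   # keep one copy per week for 10 weeks


def retained_backups(snapshots, today, daily_days=DAILY_RETENTION_DAYS,
                     weekly_weeks=WEEKLY_RETENTION_WEEKS):
    """Snapshot dates a pruning job must keep.

    Rule 1: every snapshot from the last `daily_days` days.
    Rule 2: the newest snapshot of each ISO week in the last `weekly_weeks`
            weeks (a partial week at the window edge counts as a week).
    """
    daily_cutoff = today - timedelta(days=daily_days)
    weekly_cutoff = today - timedelta(weeks=weekly_weeks)
    keep, newest_per_week = set(), {}
    for d in snapshots:
        if d > today:
            continue  # future-dated entry (clock skew): never prune based on it
        if d >= daily_cutoff:
            keep.add(d)
        if d >= weekly_cutoff:
            wk = d.isocalendar()[:2]  # (iso_year, iso_week)
            if wk not in newest_per_week or d > newest_per_week[wk]:
                newest_per_week[wk] = d
    keep.update(newest_per_week.values())
    return keep


def prune_plan(snapshots, today):
    """Split snapshots into (keep, delete) lists of ISO date strings."""
    keep = retained_backups(snapshots, today)
    return (sorted(d.isoformat() for d in keep),
            sorted(d.isoformat() for d in snapshots if d not in keep and d <= today))


def weeks_without_backup(snapshots, today, weekly_weeks=WEEKLY_RETENTION_WEEKS):
    """ISO weeks in the weekly window with no snapshot at all: a backup job
    that silently stopped is the failure retention cannot fix, so alert on it."""
    cutoff = today - timedelta(weeks=weekly_weeks)
    have = {d.isocalendar()[:2] for d in snapshots if cutoff <= d <= today}
    expected = {(cutoff + timedelta(weeks=i)).isocalendar()[:2]
                for i in range(weekly_weeks + 1)}
    return sorted(expected - have)


# Constructed sample: one snapshot per day for the 100 days before a fixed
# reference date, with one simulated week in which no backup ran.
TODAY = date(2018, 3, 31)
ALL_DAYS = [TODAY - timedelta(days=i) for i in range(100)]
OUTAGE = (date(2018, 2, 5), date(2018, 2, 11))
SAMPLE_SNAPSHOTS = [d for d in ALL_DAYS if not OUTAGE[0] <= d <= OUTAGE[1]]
```

Running `prune_plan(SAMPLE_SNAPSHOTS, TODAY)` keeps 36 of the 93 snapshots (all of March plus one per earlier week) and `weeks_without_backup` reports the outage week as `(2018, 6)`.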
As already stated, there is no way to guarantee 100% protection against network risks. But with preventive measures like those mentioned above, it is possible to prevent incidents and avoid problems such as the loss of business data.
Finally, be sure to give information security in your company the attention it deserves: the risks are very high, the losses can be severe, and criminals are increasingly active and audacious.