Don’t Fall Victim to Threat Actors: How to Avoid a Data Breach

Category: Blog, Security  |  Wednesday, August 22nd, 2018

Below is an article on data breaches from one of our EnhancedTECH security engineers. This guy is in the trenches daily, fighting to protect and defend our clients’ business infrastructure. Thanks for your insight, Dave, and keep up the good work!

A Note from Dave: My name is Dave Collins. I am a level two security analyst and the newest hire here at ETGI. In this article, I want to talk about data breaches and how to protect yourself from falling victim to threat actors, as well as provide a few tips to help your firm avoid a breach.

In the first half of 2018, according to the Risk Based Security report, over 2.6 billion records were disclosed in over 2,300 breaches. Wow! Those are big numbers. Our own Samantha Keller has written extensively about the dangers that security breaches pose for small to mid-sized businesses. It’s important to reiterate that security through obscurity is never a good idea, and criminals are actively targeting the SMB space.

If you are thinking to yourself, “great, another doom-and-gloom article looking to spread more FUD,” rest easy, reader. I simply want to share with you a few tips to help protect both you and your business from falling victim to a breach.

As with everything in security, there is no silver bullet. While these tips can improve your organization’s baseline information security maturity level, the only way to be completely protected from any threat actor is to have no employees and no machines connected to the internet. Since this is obviously impractical, it is important for your firm to decide what level of risk is acceptable and to consider your organizational threat model.

Ways to increase your firm’s security posture:

Vigilance and Skepticism:

If you receive a phone call from someone claiming to be a representative of your bank, or the bank your company does business with, skepticism and vigilance are your two best friends. Ask questions, including their supervisor’s name, their internal extension, and a number to call them back. While threat actors can easily spoof a number to trick your caller ID, it is much more difficult to route phone calls to a different number. If you feel your login credentials were compromised by a social engineering attack, immediately change your password (if you reuse the password for other logins, be sure to change those as well), then contact your support desk and let them know about the danger to the network. Authenticated access to the network allows adversaries to do much more damage, so alert the service desk as soon as possible to minimize it.

Additionally, if your firm does not have a two-factor or multi-factor authentication (2FA/MFA) solution, you should strongly consider implementing one. While this does not make you automatically secure, it makes it more difficult for a threat actor to compromise your network, and adversaries looking for low-hanging fruit will quickly move on. This is one of many services provided by our partners, and we can assist you in setting up 2FA/MFA on your systems if you decide you need such services.

If your company allows employees to work from home, carefully consider what equipment you will allow them to use. While laptops provided by your company are also administered by your company or an MSP, if your employees are allowed to connect personal devices that are not administered by your firm, you run the risk of having your network compromised. Moreover, you should be sure that any remote employees are connecting to your network in a secure manner.

(We recommend a virtual private network (VPN) solution which will provide enhanced security features.)

Finally, whether or not you are bound by compliance rules to have regular vulnerability assessment and/or penetration testing engagements, you should consider reaching out to ETGI. Our experienced engineers can conduct offensive security engagements to let you know your baseline maturity and provide remediation to address any issues we discover. For more information about our offerings please give us a call at 714-970-9330 or contact us at [email protected]

[1] https://pages.riskbasedsecurity.com/2018-midyear-breach-quickview-report

[2] https://www.enhancedtech.com/blog/small-business-cyber-attacks/ and also https://www.enhancedtech.com/blog/are-you-prepared-for-a-data-breach/

[3] FUD is an acronym that stands for “fear, uncertainty, and doubt.”

[4] OWASP defines threat model as “a structured representation of all the information that affects the security of an application. In essence, it is a view of the application and its environment through security glasses.” For more information about threat modeling visit the OWASP website at https://www.owasp.org/index.php/Category:Threat_Modeling
