4 ways to improve data security in 2020

The stakes surrounding data security and risk mitigation rise with each passing year. Data breach costs continue to increase and potential threats grow more sophisticated. 

According to IBM, the average total cost of a data breach – after accounting for remediation, reputational damage and regulatory issues – has reached $3.92 million. While smaller organizations may not face expenses that high, addressing an incident could cost tens of thousands of dollars or more.

Security issues can also jeopardize the transition of workloads into the cloud. This prevents organizations from taking advantage of this technology and making progress toward full-scale digital transformation.

Organizations should keep data security at high priority in 2020 and use every opportunity to improve their security posture and safeguard databases, systems, applications, networks and other assets. Backup-as-a-Service solutions, along with more intensive security assessments, personnel training and advanced analytics tools, can play a pivotal role in those efforts.

In the article below, we’ll explore four options for boosting data security capabilities and preventing data breaches in the coming year.

1. Perform regular review and testing of controls

To stay secure, every organization needs a well-defined organizational structure for managing data security needs. Having a comprehensive security governance strategy in place removes confusion and ambiguity regarding security responsibilities. 

For that strategy to work, it requires regular updates to address shifting security requirements, emerging threats and changing best practices. It should be well-maintained between tests to ensure the organization is doing everything possible to prevent or mitigate a data breach.

To get the best results from a security strategy also requires consistent testing to ensure everything is in proper working order and every contingency covered. To that end, testing security controls should be a key priority. Access management is one of the most important components of modern cybersecurity. Compartmentalizing various platforms and databases helps to prevent unauthorized access or compromise to sensitive data and systems.

Revisiting governance this governance strategy also creates accountability both around security as well as workload management. A lack of accountability in these areas is a dangerous financial and security liability. If internal stakeholders don’t understand who’s responsible for data security controls and remediation efforts, organizations may be too slow to respond to a breach and minimize its impact.

2. Conduct security training for all key stakeholders

In the world of data security, your employees can either be a major asset or a huge liability. When staff members understand the malware and security threats facing the organization and know how to distinguish between legitimate and malicious activity, the business is in a far better position to prevent bad actors from penetrating their defenses. 

On the other hand, employees who are unfamiliar with security best practices and common cybercrime strategies put their own organizations at risk. Their accounts make easy targets for securing unauthorized access to sensitive data and applications.

With that in mind, regular and in-depth security training is an essential component of a robust security posture. As employees undergo such training, they begin to understand how an attacker might try to manipulate them. From here, they can recognize potential attacks and respond as necessary. 

Data security has often focused on external threats. But an organization looking to protect its data needs to pay just as much attention – if not more – to breaches that start from the inside. A 2019 survey of more than 1,000 information security leaders revealed that 69% of respondents reported data breaches stemming from an insider threat.

3. Monitor for internal threats – malicious or otherwise

Not all insider threats are malicious. Many of these result from ignorance regarding proper security measures. Poor security hygiene can be a systemic issue that includes everyone from ground-level employees to C-level executives. That same report found that 78% of CSOs and 65% of CEOs had clicked on suspicious links in the past. Moreover, 43% of business leaders use their personal email accounts to share documents and communicate with their colleagues. 

It should be obvious that this behavior presents major security risks. For instance, people often use the same login credentials for various personal accounts. If one is compromised, the rest will be at risk. By using their personal email for business purposes, employees widen the organization’s threat exposure.

Training for all employees will help create a company culture that values data security best practices. Routine training ensures people adhere to them at every level of the organization.

4. Build-in artificial intelligence-based security protection

Data security best practices have shifted from relying on perimeter-focused efforts to crafting strategies around threat remediation and incident response. It’s unfeasible to expect security mechanisms to block every threat and intrusion. Businesses need to prepare for worst-case scenarios. That entails detecting malicious activity after it’s breached perimeter defenses. 

Organizations should monitor their networks for any anomalous behavior that could indicate the presence of a bad actor. The next step is to analyze the available data to spot trends that indicate network or security flaws.

Accurate detection of malicious activity requires constant visibility combined with sophisticated analytics. Organizations can augment their monitoring and threat detection capabilities with the help of artificial intelligence-based security protection. 

AI solutions can analyze more data with a finer level of precision than any human operator could hope to match. They can comb through far more data and identify even the most subtle indication of anomalous behavior. This enables organizations to address cyber threats before they have an opportunity to cause lasting damage. AI-based security tools are also able to update threat signatures in real-time.  Meanwhile, they also help businesses keep up with cybercriminal activity and the rapid release of new malware strains.

Build up IT resilience to weather the data security storm

Given the high cost of a data breach, businesses need to make a concerted effort to upgrade their security strategies in this coming year. New threats will continue to emerge and exploit lingering vulnerabilities. Having the support of an expert MSP that constantly monitors your network and adheres to the latest security best practices will significantly reduce the risk of a costly data breach.

To learn how to introduce scalable and reliable data backup solutions into your digital transformation strategy, download our guide “6 Practices for Better IT Resiliency Planning”.

Check our previous articles in this series, “3 Ways Your Infrastructure is Preventing IT Resilience” and “Is Your Risk Mitigation Strategy Resilient Enough?“.

Protect your critical data and applications with our turnkey Backup as a Service solution. Reinforced by our deep understanding of data center and network technologies and enterprise-grade managed services, this offering helps you resolve issues faster and free IT resources to refocus on business transformation. 

How to improve data protection strategies for the digital age

Digital transformation is changing the way businesses operate on a fundamental level. With many more digital platforms and emerging technologies like big data and the Internet of Things – the rate of data production has grown at a steady pace. With no sign of things slowing down, data protection is more important than ever. 

[Read more…]

How Deep Security Supports Better DevOps Processes 100%

IT organizations have seen too much of their time consumed by non-strategic tasks. This comes at great cost to their bottom lines and cloud transition strategies. 

In fact, a 2018 Stripe survey found that between dealing with bad code, technical debt and various refactors or modifications, most of the typical developer workweek was wasted.  

That leaves organizations with fewer resources for pushing their operations and businesses forward – for example, by securing the transition of their workloads into the cloud. 

Enter DevOps, exit IT bottlenecks

This is why many organizations have adopted DevOps as a methodology that reimagines the connections between different teams and the technologies they use. 

Implemented right, DevOps supports better collaboration and productivity. Meanwhile, its rapid iterative approach is a perfect fit for continuous delivery paradigms, wherein developers build around microservices and containers, supported by public clouds like AWS, Microsoft Azure and Google Cloud.

Thanks to the agility enabled by the combo of DevOps, microservice architectures and containerization, developers can release and update software at a cadence that benefits both the company and its customers. High-performing DevOps organizations outdo their competitors on multiple fronts:    

  • They deploy to-market faster.
  • Their change failure rates and time to recovery are much lower.
  • Revenue and profit growth are also higher at DevOps organizations.

To realize its full value, though, DevOps-driven development in the public cloud must incorporate security at every step. In fact, Amazon Web Services (AWS) now refers to that security as “job zero.” It takes priority over everything else.

Security has been a core concern around cloud computing since day one. It’s also caused some worry around containers since their rise to prominence in the early 2010s. Fortunately, solutions like Trend Micro Deep Security for Containers make it easier to secure containerized workloads in cloud-like AWS. IT organizations no longer need to choose between moving fast and staying secure.

Using Trend Micro Deep Security in a shared security model

Let’s look at interactions between AWS and Trend Micro Deep Security, in particular, to see they balance security with the fresh agility possible through DevOps. 

Customers putting workloads into AWS follow a shared security model. Under this setup, AWS itself takes care of the fundamental security of the underlying hardware and software. This includes everything from availability zones and edge locations to storage and networking. Meanwhile, the customer takes care of tasks such as identity and access management, client/server-side encryption and securing data.

It’s the latter set of responsibilities that have posed the greatest management challenge. Common problems include lack of visibility into what’s happening across environments, low automation and general difficulty in keeping up with the overall speed of DevOps.

The Deep Security advantage

This is where Trend Micro Deep Security can provide a pivotal advantage:

  • It delivers a comprehensive set of security controls, including log inspection and anti-malware, for AWS EC2 instances and containers.
  • For EC2 instances, it integrates with AWS Security Hub, GuardDuty, Lambda and other native security services.
  • It handles orchestration and automation through Puppet, Chef and Ansible.
  • Containerized workloads get full-stack protection, e.g. at the host OS, Kubernetes, Docker and container levels.
  • Intuitive features such as Deep Security Smart Check make it easy to identify and address vulnerabilities.

As a whole, Deep Security helps protect cloud instances and containers. This, in turn, simplifies compliance with applicable regulations as well as incident responses. IT organizations can capitalize on the promise of DevOps by moving beyond manual tasks and related complications.

Trend Micro itself is part of the AWS Partner Network, a partner of choice for AWS Managed Services, and a top security provider for many AWS customers.

Learn more Deep Security 

Softchoice and Trend Micro teamed up to deliver a recent webinar exploring container security using Deep Security in AWS. View the full session.