Business - January 29, 2019
Customers are getting more sophisticated every day. If you handle or transmit their private or sensitive information (payment details, personal data, payroll records, documents, intellectual property, health care records or any other sensitive data), they want assurances that you can be trusted with it. If your business cannot credibly answer an information security questionnaire, you will lose business to competitors that can.
Most organizations have a firewall that protects the network edge by blocking suspicious or malicious inbound traffic. Many of those same organizations neither block nor inspect outbound traffic, so information can leave the network unchecked. For example, if traffic is allowed to leave in cleartext (personal webmail, FTP transfers, HTTP web site logins and the like), anyone able to observe it along the path can read the sensitive data it carries. Since many people reuse passwords between work and personal accounts, a credential captured from such traffic can give an attacker a way into your systems. In addition, an attacker who has already gained a foothold inside your network needs a channel to get data out without being noticed; unfiltered outbound protocols are exactly that channel, used both to ship your sensitive data to attacker-controlled servers and to carry command and control traffic. Restricting egress to approved destinations and protocols, and logging what is denied, closes most of these channels and makes the remaining ones visible.
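The following is an added example for this article, not code from the original post: an egress audit that applies an allow-list to a handful of constructed outbound flow records and flags cleartext protocols, unapproved destinations and bulk transfers. The log format, the proxy and resolver addresses, the allow-list and the byte threshold are all assumptions made up for illustration; adapt the parser to whatever your firewall exports.

```python
"""Egress-filtering audit over constructed outbound flow records.

Added example for the article above, not the author's code.  The record
format ("src dst dport proto bytes"), the allow-list addresses and the
sample flows are assumptions for illustration only.
"""
from dataclasses import dataclass

# Constructed sample flows; not real traffic.  Documentation-range
# addresses stand in for external destinations.
SAMPLE_FLOWS = """\
10.0.1.15 203.0.113.10 443 tcp 18230
10.0.1.22 198.51.100.7 80 tcp 5211
10.0.1.22 198.51.100.7 21 tcp 9988221
10.0.1.40 203.0.113.55 25 tcp 4100
10.0.1.40 192.0.2.99 53 udp 310
10.0.1.51 203.0.113.10 443 tcp 120
10.0.1.60 198.51.100.200 4444 tcp 771200
""".splitlines()

# Assumed egress policy: internal hosts may only reach the outbound web
# proxy on 443 and the internal resolver on 53.  Everything else is denied.
ALLOWED = {
    ("203.0.113.10", 443),  # hypothetical web proxy
    ("192.0.2.99", 53),     # hypothetical internal DNS resolver
}

# Protocols that carry credentials and data in cleartext.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 25: "smtp", 80: "http",
                   110: "pop3", 143: "imap"}

# Arbitrary threshold (assumption) above which a denied flow is also
# flagged as a possible bulk exfiltration.
EXFIL_BYTES = 1_000_000


@dataclass(frozen=True)
class Finding:
    src: str
    dst: str
    port: int
    reason: str


def parse_flow(line):
    """Split one constructed record into (src, dst, dport, proto, bytes)."""
    src, dst, port, proto, nbytes = line.split()
    return src, dst, int(port), proto, int(nbytes)


def evaluate_flow(line, allowed=ALLOWED):
    """Return a Finding for a flow the policy would deny, else None."""
    src, dst, port, proto, nbytes = parse_flow(line)
    if (dst, port) in allowed:
        return None
    reasons = []
    if port in CLEARTEXT_PORTS:
        reasons.append(f"cleartext {CLEARTEXT_PORTS[port]} leaves the network")
    else:
        # Unapproved ports to arbitrary hosts are the usual C2 / exfil path.
        reasons.append("not on egress allow-list")
    if nbytes >= EXFIL_BYTES:
        reasons.append(f"bulk transfer of {nbytes} bytes, possible exfiltration")
    return Finding(src, dst, port, "; ".join(reasons))


def audit(lines, allowed=ALLOWED):
    """Run the policy over every record and collect the denials."""
    return [f for f in (evaluate_flow(line, allowed) for line in lines) if f]


if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(f"{finding.src} -> {finding.dst}:{finding.port}  {finding.reason}")
```

Run against the constructed sample, the audit passes only the proxy and resolver traffic and flags the HTTP login, the large FTP upload, the direct SMTP connection and the connection to port 4444, which is the pattern an egress deny rule with logging would produce in production.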
Organizations require complex passwords to foil password guessing attacks. But databases listing hundreds of millions of passwords exposed in earlier breaches are freely available, and attackers try those lists first. If any of your users' passwords appear in such a list, the attacker gets in, possibly to an account with elevated privileges. Complexity rules do little to help here: many users satisfy them with predictable tricks (a capital first letter, a symbol swapped for a letter, a trailing year or “123”) that guessing tools already know about. Passwords such as “P@ssword123” are both common and compliant with most complexity policies, and they leave a gap in your security. Checking new passwords against a breached-password list and against a dictionary of common words with those substitutions undone catches them before they are set.
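As an added example for this article (not the author's code), the block below checks a candidate password three ways: against an assumed complexity policy, against a constructed stand-in for a breached-password hash list, and against a small dictionary after undoing common symbol substitutions and trailing digits. The breached list and dictionary are tiny constructed samples; the real corpora the article alludes to contain hundreds of millions of SHA-1 hashes and are usually queried by hash prefix or mirrored locally.

```python
"""Breached-password and predictable-pattern check.

Added example for the article above, not the author's code.  The breach
list, the dictionary and the complexity policy are constructed assumptions
standing in for a real breach corpus and a real organisational policy.
"""
import hashlib
import re
import string

# Constructed stand-in for a breach corpus.  Real lists are distributed as
# SHA-1 hashes, so the check below compares hashes rather than plaintext.
_BREACHED_PLAINTEXT = ["password", "P@ssword123", "Welcome1", "Summer2018!", "qwerty"]
BREACHED_SHA1 = {hashlib.sha1(p.encode()).hexdigest().upper() for p in _BREACHED_PLAINTEXT}

# Constructed dictionary of base words users dress up to meet complexity rules.
DICTIONARY = {"password", "welcome", "summer", "winter", "qwerty", "admin",
              "letmein", "company"}

# Common substitutions guessing tools undo before dictionary comparison.
LEET = str.maketrans({"@": "a", "$": "s", "0": "o", "1": "i", "3": "e",
                      "!": "i", "4": "a", "5": "s", "7": "t"})


def meets_complexity(pw):
    """Assumed policy: 8+ chars with upper, lower, digit and symbol."""
    return (len(pw) >= 8
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw))


def is_breached(pw):
    """True if the SHA-1 of the password is in the breach list."""
    return hashlib.sha1(pw.encode()).hexdigest().upper() in BREACHED_SHA1


def normalize(pw):
    """Strip a trailing run of digits/symbols, undo leet substitutions and
    lowercase, so 'P@ssword123' and 'W1nter2019!' reduce to their base word."""
    core = re.sub(r"[^A-Za-z]+$", "", pw)   # drop trailing "123", "2019!", ...
    return core.translate(LEET).lower()


def is_predictable(pw):
    """True if the password is a dictionary word in disguise."""
    return normalize(pw) in DICTIONARY


def assess(pw):
    """Return the list of problems found; an empty list means it passed."""
    problems = []
    if not meets_complexity(pw):
        problems.append("fails complexity policy")
    if is_breached(pw):
        problems.append("appears in breach corpus")
    if is_predictable(pw):
        problems.append(
            f"dictionary word with predictable substitutions ({normalize(pw)!r})")
    return problems


if __name__ == "__main__":
    for candidate in ["P@ssword123", "W1nter2019!", "Ks7#vQ2m!pLz"]:
        print(candidate, "->", assess(candidate) or ["ok"])
```

The point the example makes is the one in the paragraph: “P@ssword123” satisfies the complexity policy yet fails both the breach check and the dictionary check, and “W1nter2019!” is not in the breach list at all but still reduces to a dictionary word once the substitutions are undone. Only a password that passes all three checks should be accepted.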
The best defence against a ransomware attack (besides prompt updates and patching) is a good backup. If you are hit, you restore the files from before they were encrypted and the attacker gets nothing. However, many organizations do not realise that ransomware can be written to stay dormant for a long time before it triggers, and that the attacker may have been inside the network for weeks or months before that. Backups taken during that window can contain the malware or the attacker's other tooling, so restoring them can reintroduce the infection. Two practical consequences follow: keep several generations of backups rather than only the most recent one, and keep at least one copy offline or otherwise unreachable from the network, because ransomware that can reach your backup storage will encrypt that too. Test your restores regularly, before you need them.