Besides using firewalls, what is one other security measure you recommend implementing to ensure comprehensive protection of the company's network and sensitive data?

Question

In the quest for comprehensive network and data security, we asked nine cybersecurity experts and business leaders for their top recommendations beyond firewalls. From training staff to spot cyber-scams to adopting a network segmentation strategy, these insights provide a robust approach to safeguarding your company's digital assets. Dive into the wisdom shared by these professionals to strengthen your cybersecurity strategy.

Mike Ouwerkerk · Answer

Most breaches are via staff, unfortunately. Why? Because criminals target them as they are often easy to trick. They can be tricked into clicking links that take them to fake websites (to steal login details), or to websites that can try to hack their device. Perhaps they are provided with damaging information that they don’t confirm (e.g., a fake invoice with the criminals' bank details in it), or they are convinced to give confidential information out to a criminal who is impersonating someone. So, if you want to avoid "most breaches," ensure your staff are adequately trained in how to spot cyber-scams and how to deal with them. Ensure they know how to report, whom to ask for help, and that they feel utterly comfortable doing so by providing a supportive and nurturing environment!.

Jordan Bridge · Answer

Having worked with numerous companies in managing their Cyber Security, I have noticed that many are lacking at the lowest level of security practices.One of my key recommendations for companies to use for protection, besides using firewalls, is implementing Two-Factor Authentication (2FA) on all logins. This is a highly recommended security measure to ensure comprehensive protection of a company's network and sensitive data. 2FA, also known as multi-factor authentication (MFA), is a critical security practice that adds an extra layer of protection to user accounts beyond just a password.Having 2FA in place can protect against phishing attacks and brute-force attacks, where attackers trick users into revealing their login credentials or run password-guessing scripts. Even if an employee falls victim to a phishing scheme and provides their password, or if the password is successfully cracked, the attacker won't be able to access the account without the second factor.

Anders Thornild · Answer

As I work in a cybersecurity company, I thought I would chip in. Besides all the technical elements of security, you should also consider the human element for cybersecurity. Your colleagues and employees deal with personal and sensitive data every day. They must be trained to know the dangers and risks in the digital world. You can have all the technical protection measures in the world, but if an employee clicks a phishing email or shares sensitive data in an email with somebody who shouldn't have access, you are having security breaches. Employees are a big part of your cybersecurity defense.

Dag Flachet · Answer

Compartmentalization. It's a long word that means to make small compartments. The analogy comes from shipbuilding. The hull of a ship is compartmentalized so that if one section leaks, only that section floods and the ship stays afloat. If in your organization the IT infrastructure is one central hull and it gets breached somewhere, everything is breached. So, you need to build internal walls and make sure that each employee only has access to the systems they need. This is also called the principle of least privilege. If a person's role is to edit content, don't make them an administrator. More walls mean more logins, more passwords, more MFAs (multi-factor authentication, yes you should), but also fewer sleepless nights.

Omar Masri · Answer

Besides firewalls, encryption is a critical security measure that can help protect the company's network and sensitive data. Encryption scrambles data so that it is unreadable to unauthorized individuals, even if they can access it. This can help to prevent data breaches and protect the company from financial and reputational damage. One way to implement encryption is to use a VPN to encrypt all traffic between remote users and the company's network. Another way to implement encryption is to encrypt all sensitive data stored on company devices and in the cloud. By encrypting data, the company can help to protect itself from a wide range of cyber threats.

Yogini Kuyate · Answer

Data encryption scrambles data so that it can only be read by authorized users, even if it is stolen or hacked. This is an important security measure because it can help protect your company's most valuable assets, such as customer data, financial information, and intellectual property.There are two main types of data encryption:File encryption: This encrypts individual files or folders.Disk encryption: This encrypts the entire hard drive or storage device.You can choose the type of encryption that is best for your organization's needs. For example, if you have a lot of sensitive data stored on your laptops, you might use disk encryption.Once you have encrypted your data, it is important to keep your encryption keys safe. You can do this by storing the keys in a secure location, such as a password manager or a hardware security module (HSM).

Joshua Maine · Answer

I highly recommend playing around with the fraud filters your merchant processor features. Like most brands, we've seen our fair share of bot attacks on our site. Some are attempting a breach to collect sensitive data, but most are skimming credit cards nowadays. Luckily, none have ever been successful. These bots will place thousands of orders on the site attempting to find a card that goes through. A velocity filter will prevent this. It basically caps the number of times a user can place a transaction. An IP address mismatch filter is important as well. Most of these attackers are placing orders from a location very far from the shipping or billing address. Lastly, our website bans any users outside North America.

Janet Patterson · Answer

We all know there's only so much you can do, technically speaking, to protect your company and its sensitive data. Because of that, we place a heightened emphasis on training our employees on how to avoid scams and phishing schemes. Every month, we dedicate an hour to keeping our employees up-to-date on the latest cybersecurity threats and how to best combat them.

Richard LeCount · Answer

Another important security measure to implement is a method known as network segmentation, which involves dividing the network into smaller, more manageable segments.We can do this using a variety of methods, such as routers and VLANs. However, the overall goal of network segmentation is to isolate any sensitive data and systems from the wider network. Network segmentation makes it more difficult for attackers to gain access to your sensitive data—even if they can breach the outer perimeter of the network, they will have a much harder time extracting anything that you've segmented.In addition, it also helps to reduce congestion in the network to improve performance, troubleshoot network issues more quickly, and helps to prevent the spread of any malware from spreading from each segment within the network.

Beyond Firewalls: Additional Measures for Network Protection

Beyond Firewalls: Additional Measures for Network Protection

Train Staff to Spot Cyber-Scams

Implement Two-Factor Authentication

Educate Employees Handling Sensitive Data

Apply the Principle of Least Privilege

Use Encryption for Data Protection

Choose an Appropriate Encryption Type

Leverage Merchant Processor Fraud Filters

Provide Regular Cybersecurity Updates

Adopt a Network Segmentation Strategy

Submit Your Answer

Related Articles

Comments

Leave a Reply Cancel reply