You need secure data. Whether you are using, saving or sending it, the bad guys want to steal (exfiltrate) it or encrypt it and hold it for ransom. Your defenses need to be complex: layered, limiting, diverse, obscure, yet simple.
One way to protect your data is through building a layered defense. “Technical controls,” like firewalls and intrusion prevention systems, can be configured so that if an attacker gets past one layer, another is there to take over. This is the most comprehensive security paradigm.
But a layered defense is just one paradigm of protection. Defenses are also based on four others.
Companies should give users not only access, but the proper level of this access. In addition to this access control, you should also remove orphaned accounts (like that from terminated employees) and administrative permissions that were given to the wrong user.
If an attacker breaches one level of security, he should not be able to breach the next with the same technique. This diversity can be achieved by using defense tools from different vendors.
You can obscure your systems against attacks on known vulnerabilities in those systems. For example, administrators can block unused ports. This can for example replace a door with a wall, giving the threat actor less information on your internal systems because a wall is harder to gain access through than a door with a lock.
Systems should be simple to those on the inside of your organization, but complex to those on the outside. As above, your company users need limited access and you should have administrators block unused ports.
Malicious threat actors can be in your systems right now, waiting for the perfect time to strike. You may even find out that you’ve already been compromised and your data has now shown up for sale on the dark web. You need an expert service provider who creates technical and operational controls with all five of these principles in mind.
Tech Kahunas is a San Diego Managed IT Services provider which provides IT support and services like 24/7 monitoring, data backup and restore, and malware protection.
Tech Kahunas will help you Defend Your Island. Set up a free 30-minute Strategy Session with us now.