One of the more fun aspects of the roll out of GDPR has been watching people react to the imminent need to take security seriously.
After a decade of BYOD and a shift towards lassaiz-faire attitudes within SMEs, the pendulum is beginning to swing back towards a more strategic approach to maintaining data security.
Thankfully, the technology necessary to protect yourself against ransomware and penetration attempts is increasing at a parallel pace.
We’ve put together a list of 5 great data security technologies you need to invest in!
Two-Factor Authorisation
You’ve probably seen this one out in the wild already. Whenever you have to go to down two different routes to access one account you’re immediately complicating the process of someone hacking into it. In a standard enterprise set up, criminals can target the entire network by compromising one well-researched account.
Two-Factor Authorisation requires you to generate a login code or PIN from a different source. This is usually a device that you’re likely to have access to at all times like a phone or an email account that exists separately to the one you’re trying to access.
There are numerous third party solutions available for 2FA. Popular ones include Duo and SecureEnvoy.
Palo Alto Firewalls
Firewalls have never been particularly interesting, that is until Palo Alto got into the game. Palo Alto’s solution is a combination of high-grade hardware and intelligent, adaptive software. Palo’s service creates a network between all of their active installed devices, reporting back about new threats and adapting autonomously to counter them.
Palo Alto is now first choice for security conscious businesses and Managed IT Services providers, so it’s definitely worth investigating.
Network Segmentation
Once an account or device has been compromised, the threat can spread silently across your network. That is, of course, if devices on the same network are not segmented to prevent contagion. Setting up separate VLANs and creating physical barriers between networked devices and the routes they take to the internet could save you from having one person unable to work and an entire business at the whim of criminals.
Penetration Testing
Part of the problem with security is that you don’t know you’re vulnerable until it’s pointed out. Unless you regularly engage in attempts to discover gaps in your strategy you’ll never know they exist.
Penetration testing targets both the resilience of your network security and the practice of your employees. Various services exist that allow you to send dummy threats to individuals or devices, watching how they move through the network and how your employees react to them.
Security is never a once-and-done thing, so building a form of penetration testing into your cyclical security process gives you a better idea of your own weaknesses and how threats may impact you in future.
Air-Gapped Backups
How do you bounce back if the worst happens?
Businesses are getting better at backing things up, but those backups are also vulnerable unless they’re held separately from the network that devices live on. There are two ways to tackle this: cloud backup to a remote location, or physical backups that can be removed and swapped out.
If you’re looking at cloud backup, Veeam is the service we’d recommend, partly because the service in general is excellent and the product one of the best on the market, but personal experience has revealed that even when you’re compromised with ransomware, the backup files generated by Veeam are too large to encrypt.
We hope these tips have helped you take a more proactive approach to securing your data. If you’re looking for a safe and secure approach to capturing and storing visitor data you should check out VisiPoint! Arrange a consultation with our experts to find out more.