October is Cybersecurity Awareness Month, and TrustLogix is proud to partner with the National Cybersecurity Alliance to sponsor this important drive. The objective is to raise individual awareness about the risks of online activity and some important steps each of us can take to improve our security posture and protect ourselves and our sensitive information.
It’s important to take a proactive stance on cybersecurity as individuals, and the same approach needs to be applied to our organizational security posture as well. In this blog we’ll share what the National Cybersecurity Alliance is recommending for individuals, and also share what companies and organizations can do to get more proactive about securing their data.
Four Key Behaviors for Personal Cybersecurity
Historically the Alliance has unpacked this month into weekly themes on which to focus. This year, they are putting the spotlight on four key behaviors that we can all embrace to protect ourselves and our households.
- Enabling multi-factor authentication – All popular email services, as well as financial institutions like banks, credit card companies and payment sites (e.g. PayPal), offer the ability to turn on multi-factor authentication (MFA). This can be as simple as receiving a one-time text code to verify your identity when logging in, all the way to mobile apps and even hardware devices that generate strong one-time passwords. At a minimum, turn on text-based MFA for your email service and anything having to do with your personal finances.
- Using strong passwords and a password manager – There are so many logins today that it has become common to reuse the same password or two across many sites. This is a *huge* security risk because you’re in effect creating a “skeleton key” for your online life, and if that key is compromised the damage can be far-reaching. Instead, use strong passwords that are unique to each site and manage them with a commercial password manager tool to greatly minimize the risk of password exposure and limit the damage in the event that it happens.
- Updating software – Attackers are constantly finding cracks in different online sites and systems, and this is a common reason we get frequent notifications to update our laptops and mobile devices with the latest software versions. Do not delay installing these updates, as they fix the latest vulnerabilities that we know about.
- Recognizing and reporting phishing – Phishing is the use of email to scam people out of their credentials (passwords) and personal and financial information. Everyone is familiar with the “Nigerian Prince” scam of some years back, but these attacks have become much more sophisticated in their tactics and execution – now they can look like very legitimate emails coming from your actual bank or employer. Use the link above to familiarize yourself with many of these tactics, and report phishing emails as soon as you see them.
Proactive Cybersecurity in the Enterprise
If we unpack the best practices above, we can see that getting proactive about cybersecurity is essentially about securing our credentials and our data. We can apply those same best practices in our organizations to similarly improve our security posture.
Regarding credentials, there is one important step that can significantly drive better security for your organization: integrate every possible system with your enterprise Identity and Access Management (IAM) systems. Many credential best practices, including the ones listed above, are typically already standardized in your IAM infrastructure. Leverage those by mandating that access to any other company resource, including basics like email and network access, must go through IAM.
Three Steps for Proactive Data-Centric Security
Data can be a trickier matter. There are generally many complex rules and permission sets that drive who in the company can see what data. This can be further complicated by contextual controls that define specific time periods when a particular person or group may see the data, and even what subsets of data they are permitted to access.
Here are three steps to take a proactive risk-management approach using data-centric security.
- Classify & Monitor Your Data – Regardless of where it lives – on-prem or in cloud platforms like AWS Redshift, Snowflake, or Databricks – you should always have your finger on the pulse of who has access to what data, how they are accessing it, and who they are sharing it with, and get proactive alerts on indicators of data misuse and exfiltration which may point to a possible data breach.
- Fine-Grained Data Entitlements – Use data security platforms that can help you codify your business rules into data access control policies. Ideally, these can take your own entitlement systems into account, integrate with your classification tools like Collibra and Snowflake, and make it easy for your team to model access risks and enforce least-privilege access policies without requiring any manual coding.
- Enable Business-Security Collaboration – In some ways, individual cybersecurity can be easy because we are autonomous in our actions; unfortunately this is not the case in a professional context. Your data owners are the ones who best understand the business policies for data access, but it is your security team that is responsible for ensuring those policies are enforced properly. Implement policies and systems that allow your business teams and security teams to collaborate effectively to best safeguard your data.
Cybersecurity Awareness is an important initiative, and TrustLogix is honored to be able to do our part. While the focus of this month is on the individual, there are many analogs that we can draw and apply to keeping our organizational data secure as well.