In the current IT climate, passwords are being continuously stolen and sold on the Internet for high profit. Attacks are getting bigger and more dangerous, with a huge range of high-profile companies suffering data breaches in the recent past.
LinkedIn reported that 117 million email and password combinations were stolen and sold on the dark web between 2012 and 2016. Similarly, Yahoo has reported that over a billion passwords have been stolen since 2013. These companies are not alone, as data breaches have also been reported by other Internet giants, including Dailymotion, Tumblr and Dropbox. It has been estimated that by 2020, over 300 billion username and password combinations will be at risk of being hacked, stolen and sold on the dark web.
The growth of Big Data, and a widespread recognition of its value, has led to corporate data becoming more and more valuable to hackers as well as the companies that hold it. With the spotlight on how companies plan to secure their customers' data in the long term, and the additional pressure of GDPR set to come in next year, IT administrators must continue to look for methods to protect their organisations from an increased threat to their data.
The ‘CIA’ approach – Confidentiality, Integrity, Availability – is regarded as the pinnacle of data security. Of these, perhaps the most important component is ‘Availability’. The ability for the right people to have access to the right data at all times is key to ensuring sufficient data protection. Availability also means all hardware must be constantly maintained and updated as and when needed. Denial-of-service or Distributed-Denial-of-Service (DDoS) attacks are becoming more frequent, requiring a sufficient level of availability to counter them.
But why are such measures necessary? It is largely because the sources of intrusions have multiplied, making it more difficult to protect against them. Most antivirus software or firewalls are able to detect and fight classic viruses, but are largely ineffective at protecting against newer viruses.
Businesses and individuals must become more proactive in fighting viruses in order to properly protect themselves from a cyber-attack. Faults and configuration errors in terminals or applications could result in a loss of confidential data, and a network administrator must be able to intervene before the firewall breaks down.
Another risk to network security and data is the growing trend of BYOD (Bring Your Own Device). According to a study by the Observatory of HR and e-transformation, 71 percent of employees use personal devices for professional purposes. An increase in the demand for employee and consumer mobility and availability has led to companies not prohibiting access to personal devices in or for work. Laptops, smartphones, USBs and external hard drives are all examples of personal objects that can be connected to a larger IT network, potentially impacting upon cyber-security protocols. These users are often unaware of the danger their personal devices can inflict on the network, and it is therefore essential to have solutions capable of automatically detecting the connection of any new device to the company network.
We must not forget ‘physical’ risks to data, either. Data centres are all at risk from fire, flooding or overheating, which an antivirus would not be able to detect or prevent. Therefore, it is important to have in place sensors that can detect movement, humidity and heat to alert people to potential dangers. Physical surveillance must also be part of the company's policy to protect data, as the effects could be just as damaging.
So how can we, as a collective, continue to guard against these constant physical and cyber-threats? An administrator must be able to access and supervise the network in all areas at a glance in order to act effectively. An effective IT monitoring solution will require the amalgamation of multiple key indicators and security tools into one simple, customised dashboard. This provides the administrator with an overview of existing and newly connected devices on the network, and helps to immediately detect abnormal activity or intrusion from outside influences, both cyber and physical, from any connected device.
This will include detecting peaks in traffic, a sudden loss of the entire memory and suspicious activity in email traffic. It will also be able to anticipate any other possible malicious intrusions, ensuring optimal data activity at all times. A network monitoring tool effectively provides a panoramic view of the IT infrastructure, preparing the administrator in advance of an attack, rather than leaving them to defend a breach that has already taken place.
Contributed by Dirk Paessler, CEO of Paessler
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.