Some technology investments offer a clear return. They provide a new capability that will allow you to introduce a new product or service and earn new revenue. Other technology investments aren’t as clear-cut. When it comes to investing in security products, how do you assign a value to the risk reduction they offer? They may not increase profit, but they minimize the odds of paying large fines and other costs that follow a data breach. The average cost of a breach is $148 per record.
So not spending on information security is not an option. There’s a wide range of security technology you can invest in.
Basic Cybersecurity Controls
If you do nothing else, do these two things: Use SSL and use antivirus software.
Using SSL means that network traffic will be encrypted. As a result, no unauthorized users will be able to read the encrypted traffic.
However, SSL doesn’t mean the traffic you receive isn’t malicious. To protect against that, you need antivirus software. Antivirus software identifies known threats in incoming traffic and prevents them from being delivered or harming your systems.
These two controls provide a minimum level of protection for your data.
Standard Cybersecurity Controls
SSL and antivirus software are a good start, but they’re really the bare minimum security effort you need. Two other controls should be considered standard and mandatory for protecting data. These are virtual private networks (VPN) and firewalls.
A VPN allows users outside your network to have a secure connection to your network. If you have employees who work from home or other out-of-office locations, you should require them to use a VPN when connecting to the corporate network. VPNs offer a level of protection that goes beyond simply encrypting traffic; using a VPN “hides” the actual source and destination as well as message content from the many intermediate systems that process traffic along the connection path.
Firewalls allow you to place controls on what kind of data you allow into your company network. Traffic that uses certain protocols or tries to connect to specific ports can be blocked entirely or limited to known, trusted systems. If you have systems in the cloud, you can still use firewalls, but need to make sure they are cloud-compatible.
Additional Cybersecurity Controls
Once you’ve got your network protected through SSL, VPN, and firewalls, and are protecting your users and data with antivirus software, you can consider adding many different kinds of security products. These include:
• intrusion prevention/detection systems. Firewalls block specified kinds of traffic on specified ports, but they don’t look too closely at the content they allow through. IPS/IDS systems take a deeper look at the content to identify threats. While an IDS will simply report suspected dangerous traffic, an IPS is able to take action to block the threat.
• data loss prevention software. Rather than attempting to detect threats entering your network, data loss prevention software (sometimes called data leak prevention software) attempts to detect data being used in ways it shouldn’t. Typical DLP software has rules that allow it to identify sensitive data, such as social security numbers, in documents and that require such data to be encrypted or to remain inside the corporate network.
• cloud access security broker. Cloud makes it harder to keep track of where data is being used and to limit how it is accessed. A cloud access security broker makes it possible to control data usage in the cloud.
• enterprise mobility management software. Like cloud, mobile devices make it hard to control access to data and protect it from threats. Enterprise mobility management software allows you to protect systems even when they’re used remotely from cellphones and tables.
You don’t need to use all of these tools to provide information security. Prescient Solutions offers IT consulting services to businesses in Chicago and Schaumburg. Our certified experts will develop and implement a comprehensive strategy that works across your premises and the cloud so your data is always safe. Contact us to learn more.