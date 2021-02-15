(AGENPARL) – THE HAGUE (THE NETHERLANDS), lun 15 febbraio 2021

Data breach stats for the first half of 2018, for example, saw the exposure of 4.5 billion data records directly related to data breaches. During the following year it was reported that a collection of 2.7 billion identity records (including 21 million unique passwords and 774 million unique email addresses) had been uploaded online for sale. And although this data breach trend seems to be waning in 2020 according to Statista, your concern about data safety definitely shouldn’t.

Security infringements and the vulnerability of sensitive data have become an inevitable component of the modern digital landscape. These are common issues that do not have major preferences in terms of company size and/or the industry it operates in. Numerous organizations, as well as solopreneurs, are experiencing data losses induced by cybersecurity gaps. These gaps occur either due to negligence, insufficient security funds, or simply because the security-focused mindset across the entire spectrum of employees hasn’t been developed enough.

Even though we live in the age of information, there are still far too many businesses that are yet to bring their A-game in terms of data safety best practices, and in so doing, ensure they are doing everything in their power to prevent the worst possible scenarios. If you seek ways to improve this aspect of your systems and operations, and protect your sensitive information, financial records, as well as the data pertaining to your own employees and clients, we recommend considering these data safety best practices.

The Protection of Your Accounts is as Strong as Your Weakest Password

It does seem a bit strange that we have to talk about how critical strong passwords actually are in 2021, but the statistics say otherwise. Weak passwords account for 8 out of 10 data breaches. These scenarios are frequently caused by easily hackable generic passwords used by employees across organizations worldwide. We strongly suggest against the re-use of the same password for multiple accounts, tools, and platforms – especially if they contain sensitive data that can lead to company secrets getting exposed.

You need to ensure high security levels across an entire infrastructure. To do that, each employee should be encouraged to use strong passwords consistently and across all their digital accounts.

For the most sensitive data, we recommend deploying an A-list piece of software that manages all your accounts and passwords for you. It is also recommended that you refresh these passwords approximately 3 to 4 times a year.

Data Ecosystem Testing and Encryption

Year 2020 has taught us that the current digital environment allows much more freedom in terms of remote work. Without even jeopardizing the performance of a business’ workflow. Portable devices have become an integral part of both our professional and everyday life. Each individual operates within their own micro-ecosystem of tablets, smartphones, laptops, personal computers, and other similarly portable gadgets.

These are all potential points of entry from the security standpoint.

The chances of potential data breaches are growing each day, with each new device we start using for professional purposes. This is why data encryption and regular testing are crucial across physical servers as well as cloud-based systems.

Boilerplate measures like firewalls and antivirus pieces of software are becoming easily hackable. Especially when the attacks are coming from top-tier hackers. Encryption of your data flows has become the norm with the prevention of malicious attacks and data theft scenarios. Although you are positive that your security systems are in place and as sturdy as possible, testing their protection levels regularly can indeed make the difference.

Eliminate Insider-based Security Gaps

Numerous companies tend to focus on outside threats almost exclusively. The truth is, potential breaches and data theft can come from your own employees and coworkers and be equally harmful.





Though these scenarios are typically rare, insider threats are quite difficult to detect and mitigate in a timely manner. And we’re not only talking about planned company secrets leaks and exposure by malicious employees or clients. We are mainly focusing on unintentional security gaps.

These situations usually involve a team member inadvertently leaking critical data or letting harmful software in. Think ransomware-packed emails or data transfers that can cause damage to your systems or access your data. Without your employee even knowing it.

To prevent these scenarios, we suggest raising awareness about these accidental insider threats among your teams. As well as having adequate protective software pieces in place.

Implement an Effective Email Archiving & Retention Policy

Emailing platforms are among the main data-flow arteries within your communication channels and infrastructure systems. Not only are they used to communicate various ideas, business strategies, and schedule important meetings, emails also carry account invitations and contain employee credentials.

This is where incorporating a strong email retention policy and taking proper care of email archiving can help. In terms of both data safety and information retrieval. Being able to protect and access pertinent data is crucial should a company get involved in legal issues that could multifaceted damage.

Protect Both: Granular Data AND the Infrastructure

Protecting your data should be a two-fold approach: micro and macro. In this case macro is your infrastructure system, while micro refers to granular data itself. Securing only one and not the other could prove very dangerous. Organizations that practice this type of strategy are orders of magnitude more susceptible to security breaches than those that tackle security on both levels.

For example, making sure your firewall technology is top-shelf, without protecting your data on a micro level as well, leaves major gaps for data theft to occur. The same goes the other way around.

When your physical or cloud infrastructure is safe, be sure to protect other channels as well. This type of vulnerable data goes through your clients, suppliers, your customers’ employees and partners, outsourcing channels, third-party software and systems. This ecosystem of data-flows and channels harbor myriad weak spots that could act as points of entry for attackers.

Regular System Updates & Data Backups

Another boilerplate piece of advice. But be sure to keep your systems regularly updated and properly patched as they are only as secure as their most recent update. Also, ensure your data is properly backed up so it can outlive potential disaster and breach scenarios.

Closing Statement

Making sure all the technical aspects of protecting your data and systems are in place is the very fulcrum of reaching ultimate security levels. However, it is often the mindset that creates vulnerability as teams and employees tend to loosen up a couple of notches too much. Especially when the physical systems are protected with top-tier security layers. This is why creating a security-focused environment, both physical and mindset-wise, is the only way to reduce chances of actual threats and breaches to a minimum.

