The Role of EDR Solutions In Mitigating Ransomware Threats for Enterprises

Ransomware attacks have become one of the most significant threats to enterprises. Recently, 300 small Indian banks went offline temporarily following a ransomware attack, according to The Economic Times. Ransomware can halt business operations, lead to severe financial losses, and erode customer trust. As such, protecting endpoints—the gateways to enterprise networks—has never been more critical.

Understanding Ransomware Threats

Ransomware is a type of malware that encrypts a victim’s data, rendering it inaccessible until a ransom is paid to the attacker. The sheer speed at which these attacks can spread, combined with their ability to paralyse critical systems, makes them particularly dangerous. Modern ransomware tactics often include data exfiltration, where attackers not only encrypt data but also threaten to release sensitive information unless the ransom is paid.

Enterprises are prime targets for ransomware attacks due to the potential high payouts, given the critical nature of their data and operations. Additionally, remote work environments, digital transformation initiatives, and the proliferation of IoT and cloud services have expanded the attack surface.

Why Traditional Security Measures Fall Short

Traditional antivirus and firewall solutions are insufficient to counter modern ransomware. These solutions typically rely on signature-based detection methods, which are ineffective against new and emerging ransomware variants that have no known signatures. Furthermore, ransomware can infiltrate through phishing emails, compromised websites, or even through supply chain vulnerabilities. Once inside the network, it can move laterally, evading detection until it is too late.

The key challenge with ransomware is the rapidity with which it can spread within a network, encrypting data across multiple endpoints in minutes. Thus, proactive detection, swift response, and containment are crucial. This is where EDR solutions offer distinct advantages over traditional approaches.

Importance of EDR Solutions in Ransomware Mitigation

Endpoint Detection and Response (EDR) solutions provide continuous monitoring and real-time detection of threats across enterprise endpoints. Unlike legacy security tools, EDR solutions focus on identifying suspicious behaviours and anomalies that may indicate the presence of ransomware, even before it can cause significant damage.

EDR works by continuously collecting data from endpoints, analysing it for unusual patterns, and triggering automated responses when potential threats are detected. This enables security teams to detect ransomware before it encrypts data and to isolate infected endpoints, preventing the malware from spreading further.

How EDR Solutions Help in Combating Ransomware

  • Real-time Threat Detection: EDR solutions provide immediate visibility into potential ransomware activity. They detect anomalies such as unauthorised file encryption or unusual network traffic that may indicate an attack in progress.
  • Behavioural Analysis: One of the most powerful aspects of EDR is its ability to recognise unusual behaviours indicative of ransomware. For example, an EDR solution might detect a process attempting to encrypt large volumes of files, or block outbound connections typically associated with command-and-control communication. By monitoring behaviour rather than relying solely on known signatures, EDR provides protection against zero-day ransomware threats.
  • Automated Response and Remediation: Ransomware often spreads rapidly, making manual response insufficient in many cases. EDR solutions can automatically isolate affected endpoints, terminate malicious processes, and restore files from backups before the damage escalates.
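The following is an added example, not code from the original article and not Yotta's own implementation. It shows, in simplified form, the kind of behavioural heuristic described above (EDR collecting file telemetry, analysing it for unusual patterns, and triggering an automated response): a process that rewrites or renames many files across several directories within a short window is flagged, and a containment decision is returned. The event records, host and process names, and thresholds are all constructed for illustration.

```python
"""
Added example (not from the original article, not Yotta's code): a simplified
behavioural ransomware heuristic over constructed endpoint file telemetry.
"""
from collections import defaultdict
from dataclasses import dataclass, field
import posixpath


@dataclass
class FileEvent:
    ts: float            # event time in seconds (constructed)
    host: str
    pid: int
    process: str
    action: str          # "write" or "rename"
    path: str
    new_path: str = ""   # target path for renames


@dataclass
class Verdict:
    host: str
    pid: int
    process: str
    files: int           # distinct files touched inside the detection window
    dirs: int            # distinct directories those files live in
    new_exts: set = field(default_factory=set)   # extensions given by renames


# Constructed telemetry: a normal document edit, followed by a process that
# renames 60 files in five directories to a ".locked" suffix within 3 seconds.
SAMPLE_EVENTS = [
    FileEvent(1000.0, "ws-042", 412, "libreoffice", "write", "/home/a/Documents/q3.odt"),
    FileEvent(1001.5, "ws-042", 412, "libreoffice", "write", "/home/a/Documents/q3.odt"),
]
for i, d in enumerate(["Documents", "Pictures", "Desktop", "Finance", "HR"] * 12):
    src = f"/home/a/{d}/file{i}.odt"
    SAMPLE_EVENTS.append(FileEvent(1100.0 + i * 0.05, "ws-042", 9001, "updater",
                                   "rename", src, src + ".locked"))


def detect_mass_encryption(events, window_s=60.0, min_files=30, min_dirs=3):
    """Return one Verdict per process whose activity in some window_s-second
    window touched at least min_files distinct files in min_dirs directories.
    Real agents add content-level checks (entropy of written data, known
    ransom-note file names); this example uses file-system behaviour only."""
    by_proc = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        by_proc[(e.host, e.pid, e.process)].append(e)

    verdicts = []
    for (host, pid, proc), evs in by_proc.items():
        start = 0
        for end in range(len(evs)):
            # slide the window start forward until it spans at most window_s
            while evs[end].ts - evs[start].ts > window_s:
                start += 1
            window = evs[start:end + 1]
            touched = {e.path for e in window}
            dirs = {posixpath.dirname(p) for p in touched}
            exts = {posixpath.splitext(e.new_path)[1]
                    for e in window if e.action == "rename" and e.new_path}
            if len(touched) >= min_files and len(dirs) >= min_dirs:
                verdicts.append(Verdict(host, pid, proc, len(touched), len(dirs), exts))
                break   # one verdict per process is enough to act on
    return verdicts


def containment_actions(v: Verdict):
    """Automated response steps, in the order an EDR would apply them."""
    return [
        f"kill process {v.pid} ({v.process}) on {v.host}",
        f"isolate {v.host} from the network (keep the EDR management channel)",
        f"snapshot memory and the file-event log of {v.host} for incident response",
        f"queue restore of {v.files} affected files from backup",
    ]


if __name__ == "__main__":
    for v in detect_mass_encryption(SAMPLE_EVENTS):
        print(f"ALERT {v.host} pid={v.pid} {v.process}: {v.files} files in "
              f"{v.dirs} dirs, new extensions {sorted(v.new_exts)}")
        for step in containment_actions(v):
            print("  ->", step)
```

The thresholds (30 files in 3 directories within 60 seconds) are deliberately conservative so that a normal editor session, which writes the same file repeatedly in one directory, never trips the rule; a real deployment tunes them per host role and pairs the rule with content checks.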

Yotta’s Suraksha EDR: A Comprehensive Solution for Ransomware Defense

As ransomware threats continue to evolve, enterprises require advanced EDR solutions that offer not only protection but also adaptability, scalability, and ease of use. Yotta’s Suraksha EDR provides a robust defense system, specifically designed to mitigate ransomware attacks through a suite of innovative features.

1. Real-time Threat Detection and Continuous Endpoint Visibility: The Suraksha Managed EDR solution swiftly identifies and responds to advanced ransomware threats, minimising potential damage by ensuring continuous endpoint visibility. This ongoing monitoring keeps security teams aware of endpoint activities at all times, allowing them to act decisively at the first sign of suspicious behaviour.

2. Automated Response Actions and Behavioral Analytics: What sets Suraksha Managed Endpoint Detection and Response apart is its ability to automate threat remediation through predefined response actions. When ransomware is detected, the system can isolate affected devices, halt malicious processes, and roll back any unauthorised changes, all without requiring manual intervention. Its advanced behavioural analytics further enhance detection by identifying unusual patterns that may indicate a ransomware attack, such as unauthorised file modifications or large-scale encryption attempts.

3. Scalability and Threat Intelligence Integration: Suraksha Managed EDR scales seamlessly to meet the growing security demands of enterprises, ensuring that as an organisation expands, so does its protection. Its integration with external threat intelligence feeds keeps security teams informed about emerging ransomware variants and attack vectors.

Conclusion

The threat of ransomware is not going away, and as enterprises become more reliant on digital infrastructure, the risk only increases. EDR solutions like Suraksha Managed EDR offer proactive, scalable, and intelligent defense mechanisms required to protect endpoints from sophisticated ransomware attacks. With features such as real-time threat detection, automated response actions, and continuous monitoring, Suraksha Managed EDR enables enterprises to stay resilient in the face of evolving cyber threats.

Protect Your Data, Protect Your Business: Importance of A Data-Centric Security Strategy

Data is the heart of every business. It is, therefore, crucial to keep it from falling into the wrong hands. Recent headlines, unfortunately, suggest an increase in cases of sensitive data of companies getting stolen. One of the factors contributing to this trend is the rising number of endpoints employees use for their work. Endpoint devices like laptops, smartphones, tablets, etc. connect to the corporate network. The theft or loss of any endpoint could lead to financial loss and reputational damage. Therefore, it’s important to implement necessary security measures to prevent or mitigate potential damage.

What Is Data-Centric Security?

Data-centric security focuses on protecting sensitive data instead of the systems that store it. Here, data is classified based on its sensitivity, and security controls are applied to the data rather than the systems that handle it. This model allows companies to secure their sensitive data irrespective of where it’s stored or how it is accessed.

Importance Of Data-Centric Security Strategy In Today’s Digital Landscape

Cyber-attacks are a threat to businesses of all sizes. Given that companies collect and process vast amounts of data, it is vital to protect sensitive customer information, financial records, and intellectual property. Nowadays, such data is stored and accessed through various endpoints. By applying a data-centric security strategy, organisations can mitigate the risk of cyber-attacks. This involves having security controls in place to protect against cyber threats, as well as backup solutions to ensure that data can be quickly restored in case of a cyberattack.

Data breaches can ruin a company’s reputation. A single data breach can result in significant financial losses, legal liabilities, and loss of customer trust. According to Statista, the global average cost per data breach, as of 2022, stood at $4.35 million (Rs. 357.6 million), a rise from $4.24 million (Rs. 348.5 million) in the previous year. A data-centric security strategy can help prevent data breaches by using data encryption, access control, and data loss prevention techniques. If an endpoint is compromised, the backup and recovery solution, which is part of the data-centric security strategy, ensures that a protected copy of the data remains available.

Devising A Data-Centric Security Framework

Key elements essential to a solid data-centric security strategy framework include:

  1. Data classification: Data should be categorised as per its sensitivity and use case. It involves identifying the kinds of data after data discovery and assigning classification labels to that data. This is a vital part of the framework because different forms of data need different approaches and levels of protection.
  2. Access control: Once the data is classified, access controls can be put in place to ensure that only authorised personnel can access it. This includes authentication and authorisation mechanisms such as role-based access control and multi-factor authentication (MFA). Access to data must be granted on an as-required basis, so that users are exposed only to the data they need for their tasks and nothing beyond it.
  3. Encryption: Encryption protects data in transit and at rest. So, even if an attacker gains access to the data, the individual is not able to read it without the decryption key.
  4. Data monitoring and auditing: With data monitoring tools, security teams can quickly detect any suspicious activities. Auditing tools can track who gained access to what data, allowing enterprises to investigate incidents and ensure compliance with regulations.
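The following is an added example, not code from the original article and not Yotta's own implementation. It ties together elements 1, 2 and 4 of the framework above: records carry classification labels, a role's clearance decides what it may read, the more sensitive tiers additionally require an MFA-verified session and membership of the owning group (need-to-know), and every decision is written to an audit trail that a monitoring check can query. The labels, roles, users and records are constructed for illustration; unlabelled data is denied by default, since data discovery without classification is exactly the gap element 1 closes.

```python
"""
Added example (not from the original article, not Yotta's code):
classification-driven access control with an audit trail.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# 1. Classification labels from least to most sensitive (constructed tiers)
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# 2. Role clearance: the highest label each role may read (constructed policy)
ROLE_CLEARANCE = {"intern": "public", "staff": "internal",
                  "finance": "confidential", "hr-admin": "restricted"}
# From this tier upward, clearance alone is not enough: the session must be
# MFA-verified and the user must belong to the data owner's group.
STRICT_FROM = "confidential"


@dataclass
class Record:
    record_id: str
    label: Optional[str]   # None models data found by discovery but not yet labelled
    owner_group: str


@dataclass
class Session:
    user: str
    role: str
    groups: set
    mfa: bool


@dataclass
class Decision:
    allowed: bool
    reason: str


# 4. Audit trail: one entry per decision, whether allowed or denied
AUDIT_LOG = []


def _evaluate(s: Session, r: Record) -> Decision:
    if r.label not in LEVELS:
        return Decision(False, "record has no valid classification label; denied by default")
    clearance = ROLE_CLEARANCE.get(s.role)
    if clearance is None:
        return Decision(False, f"unknown role {s.role!r}")
    if LEVELS[r.label] > LEVELS[clearance]:
        return Decision(False, f"role {s.role!r} is cleared up to {clearance!r}, record is {r.label!r}")
    if LEVELS[r.label] >= LEVELS[STRICT_FROM]:
        if not s.mfa:
            return Decision(False, f"{r.label!r} data requires an MFA-verified session")
        if r.owner_group not in s.groups:
            return Decision(False, f"need-to-know: user is not in group {r.owner_group!r}")
    return Decision(True, "ok")


def check_access(session: Session, record: Record, action: str = "read") -> Decision:
    """Evaluate the request and record the outcome in the audit trail."""
    d = _evaluate(session, record)
    AUDIT_LOG.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": session.user, "role": session.role, "action": action,
        "record": record.record_id, "label": record.label,
        "allowed": d.allowed, "reason": d.reason,
    })
    return d


def suspicious_denials(log, threshold=3):
    """Monitoring hook over the audit trail: users with repeated denials,
    which is what an investigator would look at first."""
    counts = {}
    for entry in log:
        if not entry["allowed"]:
            counts[entry["user"]] = counts.get(entry["user"], 0) + 1
    return {u: n for u, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    payroll = Record("payroll-2024-q3", "confidential", "finance")
    unlabelled = Record("share/export.csv", None, "finance")
    bob = Session("bob", "staff", {"staff"}, mfa=True)
    eve = Session("eve", "finance", {"finance"}, mfa=False)
    for s, r in [(bob, payroll), (eve, payroll), (eve, unlabelled)]:
        print(s.user, r.record_id, check_access(s, r))
    for entry in AUDIT_LOG:
        print(entry)
```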

Transform Endpoint Backup And Recovery Into Data-Centric Strategy

A study by the Ponemon Institute, published in January 2020, found that 68% of respondents (IT security professionals) reported that their enterprise experienced one or more endpoint attacks that compromised data assets and/or IT infrastructure. Endpoint devices are often used by employees to create and access company data, making them a crucial part of an organisation’s data infrastructure. However, these devices are also highly susceptible to data loss due to hardware failures, software errors, cyberattacks, and user errors.

Enterprise Endpoint Backup Solutions help organisations address these risks by providing automated, real-time backup and recovery of endpoint data. This ensures that important data is protected against loss or corruption and can be quickly restored in the event of a disaster or outage. Yotta Safe offers data protection solutions with features such as remote data wiping, seamless technology migration, compliance management, and ransomware protection. With Yotta Safe, users can benefit from better control and visibility over their data, simplified technology migrations, compliance with legal requirements, and protection against cyber threats.

Set Up A Disaster Recovery Plan

A Disaster Recovery Plan is essential to any comprehensive data-centric security strategy. It lays down the procedures for responding to an attack, minimising its effect and quickly recovering from the damage caused.

To set up a disaster recovery plan, the enterprise must first identify its critical data; this helps prioritise which data requires immediate recovery. Next, recovery objectives should be established, and a recovery plan created based on them. The plan must include procedures for backing up and restoring critical data. It’s important to regularly test and update the disaster recovery plan to ensure that it remains effective and relevant.

Prioritise Data-Centric Security In Your Enterprise

A data-centric security strategy is important for any company that wants to protect its sensitive data, adhere to regulations, reduce downtime, and improve productivity. While creating a framework for this strategy, it is wise to include enterprise endpoint backup solutions to ensure complete protection of the critical data on endpoints. Creating a disaster recovery plan is useful as it provides a roadmap for restoring data to its pre-attack state. It helps minimise data loss by outlining procedures for data backup, restoration, and system recovery.

A data-centric security strategy, in today’s landscape, is no longer optional but a must for organisations to secure their sensitive information from cyber attackers. With the volume of data continuing to grow, the need for a data-centric security strategy is only going to increase. To stay ahead, organisations need to continuously improve their security measures and invest in the latest cybersecurity solutions.

Why Security is Paramount in a Digital-First Economy?

In today’s digital-first world, businesses are rethinking their approach to security. Instead of a traditional reactive approach of band-aid security solutions, CISOs are now looking for scalable, long-term strategies that can proactively protect their enterprise environment and prevent cyber criminals from taking advantage of vulnerabilities that were exposed during crisis situations like the one we are all currently going through.

With millions of people working from anywhere, the attack surface for cybercriminals has increased considerably. Hackers have been quick to take advantage of the loopholes created due to relatively less secure remote working mechanisms, leading to a huge rise in cyberattacks. And with attackers successfully evading defenses, business and security leaders are forced to rely on converged security approaches to address new remote workforce challenges.

Even a cursory look at some of the recent findings from different cyber security OEMs points to the huge increase in threats. A recent report from Fortinet highlighted that home branch offices remained a big target for cyber criminals, who targeted IoT devices such as home routers, connected security devices and home entertainment systems. Similarly, the 2021 SonicWall Cyber Threat Report highlights how COVID-19 provided threat actors with ample opportunity for more powerful, aggressive, and numerous attacks, thriving on the fear and uncertainty of remote and mobile workforces navigating corporate networks from home.

A report from Norton also highlighted that 45 percent of adult Indian internet users faced identity threats in 2020. This figure rose by nearly 40% to 2.7 crore (27 million) since 2019, which is roughly over 2% of India’s population. Additionally, Norton also stated that 59% of all adult Indian internet users faced cybercrime in some form or the other in 2020. As one can see, a distributed workforce has raised threat levels to a new high, as home users do not have the same level of protection as an enterprise does.

Changing threat landscape

Cybercrime has also got more sophisticated and more targeted. Hackers are constantly exploring new dimensions and vulnerabilities that they can exploit. For example, last year’s biggest enterprise security incident, which caught some of the most prominent organisations by surprise, was the SolarWinds attack, where hackers created a backdoor in SolarWinds’ Orion network monitoring software. This proved to be a big area of vulnerability, as updates and patching are rarely monitored, and highlighted the importance of permissions or access rights allowed for third-party software.

While AI has helped improve security, it has also enabled hackers to find new software vulnerabilities. AI today is increasingly used by hackers to create smart malware that understands how to exploit specific vulnerabilities in the host system and evade detection.

The increased adoption of the cloud has also brought certain vulnerabilities in the cloud ecosystem to the forefront. Most of these vulnerabilities are due to improper implementation or enforcement of cloud security controls by the customer. This includes cloud misconfigurations which can put credentials at risk. For example, a common cloud misconfiguration error leaves unencrypted data exposed to the Internet without any authentication. This happens because organisations leave the default permissions unchanged and make the mistake of assuming that the same settings that work in an on-premises environment will work the same way in a cloud-based environment.
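The following is an added example, not code from the original article and not Yotta's own implementation. It is a small configuration audit of the kind the misconfiguration described above calls for: it walks a constructed inventory of two storage buckets, flags any policy statement that grants access to any principal without conditions, a disabled public-access block, and missing encryption at rest, and produces a hardened copy of the configuration. The "policy" documents follow the IAM policy-document grammar (Version, Statement, Effect, Principal, Action, Resource, Condition); the other bucket fields are a simplified stand-in for what a provider's API returns, not its real schema, and the bucket names, account id and role name are constructed.

```python
"""
Added example (not from the original article, not Yotta's code): auditing a
constructed storage-bucket inventory for public access and missing encryption.
"""
import json

# Constructed inventory. "policy" uses the IAM policy-document grammar; the
# remaining keys are a simplified stand-in for a provider API, not its schema.
INVENTORY = [
    {
        "name": "corp-customer-exports",
        "block_public_access": False,
        "default_encryption": None,          # nothing configured for data at rest
        "policy": {
            "Version": "2012-10-17",
            "Statement": [{
                "Sid": "LegacyPublicRead",
                "Effect": "Allow",
                "Principal": "*",            # any principal, unauthenticated
                "Action": ["s3:GetObject"],
                "Resource": "arn:aws:s3:::corp-customer-exports/*",
            }],
        },
    },
    {
        "name": "corp-internal-backups",
        "block_public_access": True,
        "default_encryption": "aws:kms",
        "policy": {
            "Version": "2012-10-17",
            "Statement": [{
                "Sid": "AppRoleOnly",
                "Effect": "Allow",
                "Principal": {"AWS": "arn:aws:iam::111122223333:role/backup-writer"},
                "Action": ["s3:PutObject", "s3:GetObject"],
                "Resource": "arn:aws:s3:::corp-internal-backups/*",
                "Condition": {"Bool": {"aws:SecureTransport": "true"}},
            }],
        },
    },
]


def _statements(policy):
    stmts = policy.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else list(stmts)


def _is_wildcard_principal(principal):
    if principal == "*":
        return True
    if isinstance(principal, dict):
        vals = principal.get("AWS", [])
        vals = [vals] if isinstance(vals, str) else vals
        return "*" in vals
    return False


def public_statements(policy):
    """Allow statements addressed to any principal with no Condition at all.
    Real tools also evaluate which conditions genuinely restrict the grant;
    this example treats any conditioned statement as needing manual review."""
    return [s for s in _statements(policy)
            if s.get("Effect") == "Allow"
            and _is_wildcard_principal(s.get("Principal"))
            and not s.get("Condition")]


def audit_bucket(b):
    findings = []
    for s in public_statements(b["policy"]):
        findings.append(f"statement {s.get('Sid', '?')} grants {s.get('Action')} "
                        "to any principal without conditions")
    if not b["block_public_access"]:
        findings.append("public-access block is disabled, so a public statement takes effect")
    if not b["default_encryption"]:
        findings.append("no default encryption at rest configured")
    return findings


def audit_inventory(inv):
    return {b["name"]: audit_bucket(b) for b in inv}


def harden(b):
    """Return a corrected copy: public statements removed, public-access block
    on, encryption at rest set. The input is left untouched."""
    fixed = json.loads(json.dumps(b))
    bad = public_statements(fixed["policy"])
    fixed["policy"]["Statement"] = [s for s in _statements(fixed["policy"]) if s not in bad]
    fixed["block_public_access"] = True
    fixed["default_encryption"] = fixed["default_encryption"] or "aws:kms"
    return fixed


if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY).items():
        print(name, "->", findings or "no findings")
    print(json.dumps(harden(INVENTORY[0]), indent=2))
```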

The Cloud Security Alliance lists ten more common threats: data breaches; lack of cloud architecture and security; insufficient identity, credential, access and key management; account hijacking; insider threats; insecure interfaces and APIs; weak control plane; metastructure and applistructure failures; limited cloud usage visibility; and abuse and nefarious use of cloud services.

Ensuring secure remote access

As organisations are now operating in the era of what can be termed as the ‘unbound enterprise’, the realities of distributed workforce and digital transformation require them to adopt a strategy of enabling productivity from anywhere while securing data everywhere.

Enterprises have responded by trying to provide secure access to corporate applications. This includes giving access using VPNs or cloud-based zero-trust authentication solutions. Some enterprises have also tried to ensure secure access to company data and applications using virtual desktops. This also ensures that confidential data cannot be downloaded to a remote or home computer.

In certain cases, attacks culminate at the endpoint or the network layer, which makes traffic monitoring essential. This is where proactive network forensics becomes critical. It’s next to impossible for enterprises to avoid every security breach, but if they are armed with network forensics capabilities, they are in a better position to defend proactively against future attacks.

Concerning cloud security, enterprises must understand that a big responsibility of configuring cloud security settings lies with the customer. Enterprises can also use cloud-based automation tools to enforce rules and find out exceptions or vulnerabilities in their cloud environments. In remote working environments, organisations can also take advantage of techniques such as endpoint backup as a service to ensure adequate protection of data in remote desktops or laptops.

For ensuring protection in an always-connected world, enterprises should take help from the expertise of Managed Security Service Providers (MSSPs). Equipped with the right technology and people, MSSPs can ensure a holistic and continuous threat monitoring service. Simultaneously, organisations can also place an additional layer of security by using zero-trust authentication and monitoring user behavior using analytics.

More importantly, for ensuring a holistic security policy, the combination of people, process and technology must work in close coordination. Even the best technology and process cannot prevent an organisation from getting hacked if its employees are unaware of basic security hygiene. Enterprises must enforce this as part of their security policy. In most organisations today, ISMS training is mandatory and part of employee induction.

In today’s complex IT environment, which includes a mix of onsite and multi-cloud environments, the focus has moved from protecting data in a defined perimeter. Today, there are no boundaries, and identity is the new perimeter. Hence, security must be embedded as part of the design, which can help enterprises be proactive in mitigating security risks across the entire ecosystem (suppliers, partners) and lead to improved business confidence.

Source: https://ciso.economictimes.indiatimes.com/news/why-security-is-paramount-in-a-digital-first-economy/83910422