According to Verizon’s 2020 Data Breach Investigations Report, there were 3,950 confirmed data breaches in 2020 alone. Of those, personal data was accessed in nearly 60% of the breaches that occurred. That’s almost twice as often as the previous year. There’s no doubt about it – cybersecurity protection is more important than ever before.
For organizations that handle personal data, keeping identifying information safe is an important part of cybersecurity protection. The Verizon report found these industries had the most confirmed data breaches:
- Professional services, such as law firms and accounting firms
Keeping personal data safe with professional IT solutions – such as network security and data encryption – is important for a couple of key reasons:
- According to IBM, data breaches cost $4.24 million, on average. This includes direct and indirect costs, such as managing the breach and lost revenue due to downtime and customer turnover.
- Federal laws mandate the protection of personal data in many industries. Failure to comply can result in hefty fines.
Personal data can include:
- Customer contact information
- Patient medical records
- Any data that relates to an identifiable individual
If your company handles any personal information, the following cybersecurity protections are a must.
A firewall is a network security system that monitors incoming and outgoing traffic. It operates based on a set of predetermined cybersecurity rules. These rules protect your network from malicious or unnecessary traffic. A firewall will provide many network security features your business needs. This includes business-grade internet threat detection and prevention, content filters and malware prevention.
At Atlas, we recommend all businesses use the SonicWall Advanced Gateway Security Suite (AGSS). This includes all of the network security products that are available from SonicWall, including:
- Application controls
- Content filtering
- A cloud-based sandbox to stop advanced email-borne threats, like ransomware and malware
A Virtual Private Network (VPN)
When users access company files from a personal computer, it’s important to protect and encrypt personal data from hackers. This is rarely possible without the protection of a Virtual Private Network (VPN). A VPN essentially creates a secure tunnel between the user’s computer and the office servers. It then uses data encryption to protect personal information. The encrypted data looks like gibberish to anyone who intercepts it, making it near impossible for hackers to read.
Your professional IT solutions team can install the VPN software on company-issued or personal computers. However, many companies prefer to provide employees a company-issued device to further reduce telecommuting security risks.
Thanks to data breaches, malware and other forms of cyberattacks, it’s virtually impossible to secure an online or mobile account with just a password. Multi-factor authentication adds another step to authenticating users’ identities. This makes it more difficult for cyber-attackers to access data.
Step One of the authentication process is providing a user name and password. Step Two requires the user to provide another piece of information to complete the login process. This could include a verification code, answer to a personal security question or biometrics, like a fingerprint scan.
We recommend all our clients use multi-factor authentication for layered cybersecurity protection and highly recommend Cisco’s Duo product.
Advanced Threat Prevention (ATP) and Advanced Threat Detection (ATD)
In today’s environment, businesses need to take a layered approach to cybersecurity. That means various security solutions working at various levels of an IT infrastructure. Included in this should be Advanced Threat Prevention (ATP) and Advanced Threat Detection (ATD) solutions.
The purpose of both ATP and ATD solutions are to protect against advanced malware threats. These are also known as advanced persistent threats (APT). They involve a long-term process that a hacker begins by gaining access to an operating system or network. The code may sit undetected on the system until the hacker is ready to attack and steal personal information.
We use Huntress for advanced threat detection and Vijilan for ATP.
This layered approach to cybersecurity protection will greatly reduce the risk of a personal data breach. And, for businesses that have cybersecurity insurance, many carriers will require the above protections in order to provide coverage.