There's a new blog post over at The Hacker News that covers three focus areas that can help you prevent data loss. It's an excellent topic and it aligns nicely with our earlier conversations on proactive network security.
Data loss usually takes place at three different states in the network:
- As data is transferred into or through the network
- As data resides in network storage
- As data resides on an endpoint such as a PC or removable drive
How do you protect your data from compromise in all three of these states?
The first focus area is the data itself. What kind of data are you dealing with? Where is it kept? Who should have access? Are there any compliance regulations governing this data? Identifying and classifying your data will guide your security policies and ultimately help you determine if any data is being accessed outside of acceptable use.
Once you have policies in place you need to be able to respond to security incidents in a timely fashion. For this you need robust logging and reporting, and it should be simple enough to use so the learning curve doesn't discourage its use. You will also want a methodology to respond to threats, which includes information such as how to respond, who to inform, and how to incorporate lessons learned into future workflow.
The final piece discussed in the article is regulatory compliance. If you are dealing with data governed by HIPAA, PCI, etc., then the data is subject to specified encryption and access rules. You need to ensure that the rules are followed, the data is safe, and risk of a breach is mitigated.
We discussed most of this already in our articles on proactive network security. This is probably a good time to remember that according to recent studies, less than 25% of IT spending was used to protect “the core storage units, servers, applications and databases.” and only about 20% of enterprises have a security strategy that extends to their databases. As you consider your data needs (identified in the first focus area), give some thought to the weakest points in your network. Are your endpoints secure? What kind of removable media policies do you have in place? How is your data most likely to be compromised?
Another thing to keep in mind is how your data is used on mobile devices. Do you have a mobile device policy? If so, how are your network, data, and users protected from attacks? Taking the time to think about these things and visualize some scenarios can help you uncover hidden weaknesses in your system.
If you're sporting Barracuda in your security infrastructure, you'll find a number of features that will help you focus on the critical areas identified in this post. For example,
- Barracuda Spam Firewall and Barracuda Email Security Service include Data Loss Prevention technologies that scan outgoing email for sensitive information such as credit card numbers and social security numbers.
- Barracuda Web Filter has web security agents to extend corporate policies to off-network computers, and spyware removal tools to disinfect compromised computers.
- Barracuda NG Firewall protects network assets from intrustion, malware, spam, DoS attacks, APTs, and more. It is managed with a robust NG Control Center that includes audit logs and history screens to help identify security problems.
- Barracuda Web Application Firewall protects against SQL injections, XSS attacks, OS command injections, session tampering, buffer overflows, XML attacks, and more. It's easy to install and it offers robust reporting that makes it easy to monitor for compliance issues and security risks.
Our entire security line can be found here. Each product has amazing, powerful features, and is available as a risk-free 30-day demo from this page. If you'd like more information on our security products, visit the Barracuda product pages here. If you have questions or comments, hit us up on social. Facebook, LinkedIn, Twitter or Google +.