Data breaches are big-ticket news items whenever they happen at a major retailer. One needs only look as far back as the recent Target breach to see how much is at stake when security breaks down. And while you don’t hear about as many breaches taking place at financial institutions, such examples remind us of the importance of strong network security.
According to recent reports, Target ignored warning signs that might have helped the retailer prevent the theft of some 40 million credit card numbers and customer information. As Reuters reports:
There was no indication the No. 3 U.S. retailer responded to warnings that malware was being installed on Target’s system. Other automated warnings the company ignored revealed how the attackers would carry data out of Target’s network, according to the report.
“This analysis suggests that Target missed a number of opportunities along the kill chain to stop the attackers and prevent the massive data breach,” according to the Commerce, Science and Transportation Committee report.
Target’s information security team missed multiple warnings from its anti-intrusion software, the report continues, giving hackers the opportunity they needed in order to install malware on Target’s systems and plan escape routes for the mass data they had captured. Today two financial institutions — Trustmark National Bank and Green Bank N.A. — are suing Target and its PCI security auditor, seeking damages for losses they claim to have sustained as a result of the breach, according to ComputerWorld.
A firewall and intrusion prevention system are just one piece of the puzzle that is network security. The conversation goes on from there. Ultimately, the foundation to strong security requires a layered approach that includes both fundamental and advanced techniques, along a vigilant eye watching for some of the warning signs that hackers are approaching.
In our new report, 10 Components of a Comprehensive IT Security Program, we take a look at some of those crucial elements of network security. Here are five of those elements, condensed for the purposes of this blog:
- Employ a firewall and intrusion prevention system: These systems act as a first line of defense by controlling what data enters or leaves your network, and helping to monitor, log and report malicious activity.
- Keep Microsoft systems patched with the latest bug fixes and security updates: Hackers constantly search for loopholes and weaknesses they can exploit, and Microsoft is a popular target.
- Maintain up-to-date virus security software and definitions: Information security is constantly evolving. So are the threats. Keeping antivirus software and definitions up to date helps protect systems from the latest known malware.
- Deploy an ongoing server hardening solution to move common and critical vulnerabilities: Server hardening is the process of reducing the number of avenues from which your systems can be attacked.
- Use a hosted DNS solution to protect against malware downloads: Proactively block the resolution of known bad domains, and is particularly useful for preventing malware from being inadvertently downloaded while surfing the web.
The free 10 Components of a Comprehensive IT Security Program report is available for download here.