Here are our tips on how you can protect your information from trusted insiders (and uninvited outsiders) wherever it sits and however it is received.
Tip 1: Protect your infrastructure, where ever it may be
Ensure your infrastructure is encrypted and protected through:
- Virtualised infrastructure protection and encryption
- File encryption
- Database encryption
- Encrypted storage at rest and in transit
- Secure Cryptographic Key Storage
Tip 2: Use Multi-factor authentication
Multi-factor authentication with tokens such as smart cards or USB devices improves the security of access control. The signing of legally binding documents can also be achieved using these services. This improves security and auditing functionality when accessing data, information, locations or equipment.
Hardware tokens can also be used to provide confidentiality services. The digital encryption of data at transit and at rest (for example emails and other forms of messaging) means that only the intended recipient(s) of the message can decode and read the message.
Tip 3: Invest in Identity Management (IdM)
The ability to enforce a set of policies on users and the devices that connect with the network through the creation and management of trusted identities is fast becoming a must-have security capability – and assists in mitigating the trusted insider threat.
IdM is the management of individual and device identities, their authentication, authorisation, roles, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks.
IdM is inextricably linked to the security and productivity of any organisation involved in electronic commerce. ID management systems give organisations a way to control the swarm of untethered devices (Network Equipment, Computers, mobile devices) in the enterprise. An added benefit is departments, agencies and companies are using IdM systems not only to protect their digital assets, but also to enhance productivity.
The systems’ central management capabilities can reduce the complexity and cost of an essential process. The centralised access control also supports consistent security policy enforcement.
Tip 4: Think about more than just border protection
Border protection is important but can no longer be relied to solely protect your data.
The shape of border protection is changing due to the increasing range of complex and sophisticated attacks and the increasing businesses requirements for more complex packet inspection. As a result a traditional port based firewall can no longer be relied on to protect your network.
Next Generation firewalls (Palo Alto firewalls) incorporate a vast array of measures to meet security and business requirements. These include:
- Application layer firewalling
- Malware detection
- Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
- Protection from zero day vulnerabilities and exploit techniques.
Next Generation firewalls also incorporate traditional firewall techniques to ensure that the transition is seamless and cost effective. Using application based firewalling enables organisations to have full control over what can be accessed and who can access resources internal and external to the organisation.
The use of Next Generation firewalls will protect data internally to your network and dramatically reduce the risk of a breach to both your network and your data.
Tip 5: Seek advice from the experts!
Cogito Group is an Australian owned SME that specialises in systems integration and sustainment of digital security solutions. Cogito Group are the experts and are happy to talk to you about your requirements.