Data at rest is frequently left sitting without any form of encryption attached to it. If an intruder is able to hack past the firewall or walk off with a server, there is no protection for the data inside if it lays unencrypted. It is essential that the solution selected to meet this requirement features built-in encryption and key management mechanisms that ensure data is always secure, while at rest and while being transmitted.
3. Maintain a Vulnerability Management Program – This is primarily to ensure that you use and regularly update anti-virus software and secondly, that you develop and maintain secure systems and applications. All applications, as well as the network itself, should be protected by an anti-virus solution. And secure systems and applications exclude those that have embedded user credentials, often the case in many database applications.
4. Implement Strong Access Control Measures – This can present a challenge since it does not simply define Identity Management measures but also the need to ensure that data is only accessible on a "need to know" basis. Ensuring that users have access only to the level of data that they need is an important step in preventing data theft, particularly internal data theft. A good solution would store data in a highly departmentalized manner, allowing only authenticated users access to data based on their level of authorization. Every user should be assigned an individual account that easily allows them to access the data they need, while restricting them from accessing additional information.
5. Regularly Monitor and Test Networks - This section requires that you track and monitor all access to network resources and data and regularly test security systems and processes. One of the best ways to do this is to have an automated audit trail to assess who had access to data if a security breach was to occur.
The optimum solution guarantees individual logging, while also recording every successful and unsuccessful event, such as login, data access and administrative activities. Additionally, these audit trails should also be stored in a safe manner and be encrypted and signed and unable to be altered manually. Another key feature to look for is the solution’s ability to maintain an audit trail for a predefined period of time, making it impossible to delete the log before the retention period expires.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.