10 Ways to Prevent Data Loss

A look at security concerns, as well as the quick way to address them.

Sadik Al-Abdulla leads a team that spends its days assessing and cracking into systems to find weaknesses. As director of security solutions for CDW, Al-Abdulla’s team has conducted more than 5,000 network, malware and data loss prevention assessments.

Now, based on assessments done in the past two years, here are what Al-Abdulla calls the five "highest-risk, easiest things to fix":

1. Risk: Gaps in configuration and gaps in patch discipline

The Fix: Document, remediate, automate, review and repeat.

2. Risk: Bad passwords

The Fix: Educate users and test, test, test.

3. Risk: Phishing attacks

The Fix: Teach users what to avoid and to report attacks.

4. Risk: Arbitrary trusts between systems

The Fix: Make sure systems don’t allow unintended access that would let an intruder crack one and then gain unguarded access to more critical systems.

5. Risk: Interconnected end-user systems

The Fix: Ensure that there’s effective internal network segmentation; other than for IP communications and instant messaging protocols, user systems do not need to talk to one another.

In addition, Al-Abdulla noted five complex challenges organizations must confront and that require IT, security and management teams to work together to focus on the triad of policy, education and technology enforcement:

6. Risk: Exploitable sensitive data

For Starters: Create a distinct infrastructure for mission-critical systems.

7. Risk: Malware egress points

For Starters: Hunt for the malware, removing it, repair the infrastructure — repeat.

8. Risk: Data leakage

For Starters: Identify data traveling where it’s not supposed to, plug the leak — repeat.

9. Risk: Poor data policies

For starters: Assess the network, fix leaks, rewrite policies and enforce them.

10. Risk: Email gaffes

For starters: Educate users about data that is sacrosanct and should never be gathered, shared or stored in email systems.

Read additional security tips from state and local CISOs here.

Sep 30 2015