Security breach 101: How to recognize and prevent cyber attackers
Security breaches are rising at an alarming rate; here’s how to recognize a breach, the avenues it can come from and best practices for prevention
Once an agency's records management system has been updated or newly put in place, the agency should be mindful of the potential avenues through which cyber attackers can breach system security. Security incidents are rising at an alarming rate every year. As these threats increase in complexity, network security measures must also advance in order to safely deploy and manage secure networks.
These security breaches can occur at any level within a law enforcement and correctional information technology network. Information technology managers and administrators must comprehend the level of threats compromising their systems in order to keep their systems safe and secure. Here’s how to recognize a security breach, the potential avenues it can come from and best practices for prevention.
What is a security breach?
A security breach occurs when data or records that contain confidential personal or company data are lost, stolen or accessed improperly or without permission. Additionally, a breach can occur through malicious software or computer programs such as spyware, which siphons user data. Breaches can also occur through worms, which damage user files and operating systems.
Damage to a computer operating system can also occur through rootkits which enter and hook themselves into the computer system kernel code and modify it. Lastly, the most concerning malware is spyware. This breach occurs as spyware enters the operating system, gathers data and relays it back to its makers.
Any cyber attacker can make entry through the multiple inbound routes and other available gateways such as email or spam. Simply installing antivirus and antispam technologies on all agency desktops and laptops is a good beginning, but, used as a stand-alone approach, is ultimately risky as there are several other dimensions of the system which must be addressed.
How personnel can create a breach
Perhaps one of the most prevalent breach protection issues is personnel. Seventy-six percent of network security breaches occur through a compromised employee password. Even with the appropriate antivirus security software in place, safe browsing and safe computer habits among personnel are essential to a secure information technology system. Employees are generally the weakest link in the security schema.
The ability of employees to keep secrets such as passwords and access codes forms the foundation of secure organizational networks. Strict computer security is essential, including employee passwords that are kept confidential, strict exit strategies for outgoing employees, vigilant email monitoring and rules prohibiting third-party storage devices at employee workstations throughout the workplace.
Prevention is the first layer of defense when securing a network. Making sure all antivirus software programs are up to date and a system firewall is on is a necessity. Regularly scheduled maintenance and updates to this software are vital to preventing a system breach.
How to train personnel
Simply training employees as to what a dangerous link or email might look like can easily prevent a cyber-attack. Viruses arriving as an email message attachment are a common method used by hackers to distribute their “wares.” Still, many users unknowingly open these dangerous and unknown file attachments, resulting in infiltration of the entire network.
Educating employees as to what qualifies as a strong password can eliminate the ability of hackers to make entry into a secure system network through a password breach.
Keep track of external storage devices
Information technology departments should keep detailed records of employee-issued storage and other devices, such as USB storage devices, wireless communication devices or wireless hotspot devices. Each device has its own potential data breach risk.
When devices are no longer in use by an employee or department, thoroughly wiping data from all computers and devices is vital in order to dispose of all secure content.
Write clear policies
Explicit and clear policies on usage, protection and information availability must be in place and acknowledged by each employee, preferably in writing. Policies regarding the physical security of devices, including procedures for securing computers or laptops daily at end of shift, should be specific and applied. Additionally, a policy requiring thorough background screening of employees prior to hire and before access to confidential information must be enforced.
With this multi-level approach to system security, keeping a new or updated records management system secure and virus free can be accomplished with ease.