1. Training, training and more training for your staff.
- Social engineering is rampant right now. Make sure your team knows what to look out for so that they do not mistakenly process transactions or disclose sensitive information to scammers.
- Documented and practiced secure processes that define how transactions requests and orders are placed.
2. Data Classification – organizations must know where all the sensitive information is stored so that proper controls can be implemented to protect it from falling into the wrong hands.
3. Encryption – stolen laptops and mobile devices account for many sensitive information breaches. Devices with proper encryption reduce the risk of data falling into the wrong hands.
4. Active Monitoring and Management – Having the proper polices and controls designed is good progress, but monitoring for breaches and infractions of policy is required to mitigate potential intrusions or breaches. Timely response to any breach or intrusion attempt is paramount.
Trey Hawkins was co-founder and CTO of Virtex Networks, Inc., one of the nation’s first IT infrastructure service providers, when it was acquired by Leapfrog IT Services in 2001. Prior to founding Virtex, Trey ran Computer Associates’ enterprise software training center in Atlanta, where he honed his expertise in implementing and supporting enterprise management technology used by Fortune 500 companies.
Click here to view on Digital Guardian