The vast majority of the breaches, according to the study, stemmed from servers and applications, not desktops or mobile devices.
And a whopping 90% of the breaches could have been prevented by implementing and following standard, basic, fundamental security practices and procedures.
We're talking the real basics here, folks:
Change default credentials
Don't share credentials
Patch immediately and comprehensively upon patch availability
Review user accounts regularly
Terminate IT access thoroughly when employees are terminated
Log and monitor Web and application access
This stuff is so fundamental that the fact that it's not in place among the organizations breached is a reminder of just how lax, how sloppy, and how vulnerable our records are at some businesses.
Not yours, one hopes. Small and midsized businesses can learn a lot from the bigbiz mistakes that enabled (sic) the record number of breaches last year (a record that, my bet is, will probably be broken this year)
Take some time, now, to review your security practices, procedures, and policies from the ground up, making sure that all your fundamentals are in place.
And once that's done, keep an eye on them.
The complete Verizon Data Breach Report is here.
And speaking of fundamentals, bMighty's upcoming online event exploring Security On A Budget will be looking at affordable, practical ways for small and midsized businesses to implement and maintain the very sorts of security fundamentals (and more) discussed above. Register now:
|
![]() REGISTER NOW!
|