Phishing: 5 measures to protect confidential data

Home » Phishing: 5 measures to protect confidential data

Pishing ScamPhishing is not a particularly new tactic for obtaining other people’s data – and yet successful campaigns regularly come to light. Companies therefore try to prevent the success of phishing attacks by promoting security awareness among employees. This should also be a central component of the security strategy.

Advertisement

But despite all efforts, individual users continue to fall for the attackers’ scam. IT security experts at Palo Alto Networks have formulated five measures on how to effectively protect against phishing.

“First, however, it’s important to clarify what companies and institutions want to protect before it becomes a matter of how. What business-critical or sensitive personal data is at risk? Is it the software source code of the development department, is it the student data in the teachers’ lounge PCs, patient records in the hospital or important documents on the upcoming merger of two companies?” explains Thorsten Henning, Senior Systems Engineering Manager at Palo Alto Networks. “Depending on how critical the data is, the need for protection should also be classified.”

The next question would be how to protect the data even if a phishing attempt has been successful, meaning the attacker has already gotten his foot in the door.

To achieve a high level of security, Palo Alto Networks recommends the following five measures:

Implement the principle of the least privilege


Certain data that needs to be protected does not need to be accessible to all employees. This principle seems simple, but it is not always followed. In a high-profile data breach at a major U.S. retailer, attackers stole credentials from a third-party vendor and then installed memory-scraping malware on more than 7,500 self-service POS terminals. This third-party vendor should not have had access to thousands of POS terminals. To follow the principle of least privilege, it is important to identify who needs to have access to sensitive data. Role-based access management ensures that access is monitored. In addition, access controls can be set up for each application – through user control using a next-generation firewall that monitors all network traffic. Implementing user-based access policies in the firewall protects sensitive data whether it is held in the data center, in a private cloud, or in a public cloud.

High integrity of user identification


Access control is implemented at multiple points. For example, users first identify themselves at the endpoint, and then authentication and authorization checks are performed at the VPN gateway, WLAN controller, firewall, and finally the application. User identification at each level must be highly reliable. First, this means that users connecting to the network must be identified within the shortest possible time. Second, in dynamic environments, fast updating is critical as users move from one IP address to another. One option here is to use certificates on user endpoints. It is then important to ensure that the firewall captures this user identity with low latency to immediately enforce user-based access control.

Specify access to applications, not server IP addresses


Until now, access to applications has been defined using IP addresses. In today’s environment where applications move, even from private to public cloud, it is necessary to define access to applications, not IP addresses. The security solution, such as a firewall, should be able to identify known applications and provide the ability to define custom applications.

Use user groups


Define access to applications using user groups instead of specific named users. Why? This method is scalable and secure. When a group is defined that must have access to the data, users can be easily added or removed without having to change the access policy on the security hardware. The groups may or may not be created in the directory servers. If not, it is necessary to define a procedure for this with the administrators of the directory services. For example, a subgroup of a small number of people can be created based on specific attributes. As soon as someone leaves the company, the user is removed from the group in the directory server and automatically loses access to the sensitive data.

Regular audits and review of access rules

Policies change. Old applications are retired, and new ones are introduced. Businesses may be acquired, creating a need for customization. So how do you ensure that access policies defined months ago are still relevant and up-to-date? To do this, regular review processes must be set up, which must also involve the company’s management. Internal audits or security checks for specific data sets ensure that the necessary security level is always maintained to an adequate degree.

Best in Bangladesh
1Win Mobile App Download 2022

500% bonus on the first deposit Up to 1 150 USD

ICC Win Betting App Download 2022

5% Weekly Cashback Up to 500 000 BDT

888 Betting App Download 2022

Free bets 30 USD + 10 USD Casino Bonus

Spin Sports App: Download & Review

100% bonus on the first deposit Up to 40 000 BDT

Crickex Sports App: Download & Review

Weekly Lucky Draw Get An iPhone

SportPesa App Download 2022

100% bonus on the first deposit Up to 15 USD

NetBet App Download 2022

50% bonus on the first deposit Up to 50 EUR