If there’s one thing that never changes in cybersecurity, it’s this: threat actors will always look for the path of least resistance to gain access to a victim’s network.
While companies that collect and maintain personally identifiable information (PII) or protected health information (PHI) are often the preferred targets of threat actors, attackers will target any organization that collects data that can be monetized in cybercrime communities. For some attackers, easy prey is more appealing than big game—so it’s important to cover the cybersecurity basics so you’re not an easy target.
Flashpoint analysts recommend the following best practices to protect user data, from third parties and unintentional data loss.
- Proper authentication is the first line of defense. It is important that organizations have methods to properly identify, authenticate, and authorize users. Multi-factor authentication may help to prevent unauthorized access.
- Second is patch management and regular updates. It is essential to perform regular software and operating system updates to maintain the best security posture.
- Third, it is important to use antivirus software. Good antivirus software can help to detect known malware strains inside an organization.
- Fourth, organizations should be aware of internet-facing systems, and ensure there is proper authentication. Threat actors may attempt to infiltrate internal systems through brute-force, or SSH root/no-password login.
- Lastly, actors may target systems that use Remote Desktop Protocols (RDP). Access to compromised, or brute-forced RDPs may be sold within cybercrime communities. It may be beneficial to disable RDP, especially on servers and all systems not requiring remote connection.
These best practices encompass some of the best methods to protect user data. It is also extremely important to educate users and provide periodic cybersecurity training to enforce cyber hygiene and best practices.