California’s 2016 Annual Data Breach Report and Symantec’s 2017 Internet Security Report detail a range of ways in which cybercriminals aim to breach, with relative ease, the tightest security measures of even the largest global organisations.
The California 2016 Data Report describes how malware was the cause of 44.6 million records being breached, and it has increased by 22% in the past four years alone.
These figures demonstrate why it cannot be stressed enough how important it is for an organisation to have extensive, multi-layered and well-structured cybersecurity systems. It is vitally important for an individual or team to be aware of their security situation at all times.
Targeting people by email has seen a steep rise in popularity among cybercriminals in recent years. Where phishing was the go-to option for cybercriminals in the past, malware virtual assaults have almost taken its place in recent years.
There were over 357 million types of malware attacks globally via email in the past year alone, executed in a variety of ways, such as links and attachment files. Often, these emails will be received from what appear to be legitimate email accounts, such as PayPal or a bank service provider.
The cybercriminal will often acquire a similar domain name to trick the individual into viewing and accessing the email contents.
Threats such as this can be devastating to a company, as cybercriminals can make data unreachable or hold data for ransom, which has been widely publicised due to recent incidents.
These are just two of the millions of ways these criminals can virtually take down an entire organisation. The chart below, provided by (sert), shows the breakdown of each specific threat organisations face today.
Symantec has approximated that these types of attacks cost companies £150-200 per victim on average, with these attacks valued at approximately £25,000+ per day.
With these projections, it’s easy to see that company employees need to be educated in checking the origin of external email addresses and in refraining from opening email links and attachment files from email addresses that they do not recognise.
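One way to automate part of the sender-origin check described above, as an added example that is not part of the original article: it flags From addresses whose domain imitates a trusted one. The trusted list, the character swaps and the distance threshold of 2 are assumptions chosen for illustration, and `examplebank.co.uk` is a constructed name.

```python
import unicodedata
from email.utils import parseaddr

# Assumption: domains the organisation genuinely receives mail from (constructed list).
TRUSTED = ("paypal.com", "examplebank.co.uk")
# Constructed map of digit-for-letter swaps often seen in imitation domains.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(domain):
    """Collapse visually similar spellings (accents, digit swaps, 'rn' for 'm')."""
    text = unicodedata.normalize("NFKD", domain.lower())
    text = "".join(c for c in text if not unicodedata.combining(c))
    return text.translate(SWAPS).replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header):
    """Return (verdict, imitated_domain); verdict is trusted, lookalike or unknown."""
    _, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in TRUSTED:
        brand = good.split(".")[0]
        if domain and (skeleton(domain) == skeleton(good)   # paypa1.com
                       or edit_distance(domain, good) <= 2  # paypall.com
                       or brand in domain.split(".")):      # paypal.com.other.example
            return ("lookalike", good)
    return ("unknown", None)

# Constructed From headers; the display name alone says nothing about the origin.
SAMPLES = [
    "PayPal <service@paypal.com>",
    "PayPal <service@paypa1.com>",
    "PayPal Billing <billing@paypal.com.account-verify.example>",
    "Alice <alice@unrelated.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(classify_sender(header), header)
```

A "lookalike" verdict is a reason to quarantine or warn, not proof of malice; short domains will produce some false positives at this threshold.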
While this can help stop one type of malware, the question remains of what can be done to protect an entire company’s systems network.
Developers in particular need a very specific type of security, especially if they are using a multitude of apps to create. Security in this instance must be continuous and checks for vulnerabilities ideally must be automated.
With potentially hundreds or thousands of apps running at any one time within a company, it would simply not be possible to perform constant manual checks on the code, malware, viruses, identities; on who is logging in and out of the system and so on.
There are many open source options available that run alongside tools from established companies and can completely protect an organisation from cyber attacks and hacks, as well as boosting security overall.
Advanced Threat Protection (ATP) from Microsoft is both an easy and comprehensive option to deploy. ATP has the capability to protect emails in real time against any attacks towards an organisation’s security and technology.
Using real-time scanning, users will be taken to a warning page if they click a malicious link, informing them the page contains malicious content.
Attachments are opened in a special Microsoft protected virtual machine, which assesses the code to deduce if it’s malware.
The reporting interface on ATP will show trends and insight into the health of your organisation, including all threats that were discovered and stopped. Custom reports can also be ordered.
ATP can be scaled to your business needs and allows you to customise which users can have access.
Data breaches are another growing worry for developers large and small. These breaches usually come from workers using unauthorised cloud applications; apps that are self-downloaded by users can be problematic.
Symantec asked various organisations to estimate how many cloud applications their workers were utilising. From a guess of 40, the reality of the situation was that almost 1000 unauthorised cloud apps were being used within the office.
Workers dropping off their work data in these insecure apps can cause massive data breaches, potentially costing a company millions in losses.
Personal cloud storage such as Dropbox or Google Drive accounts can also be used to store work data, which can be, and has been, very easily breached. Therefore, it’s important to know where your company’s data is sitting and that it is protected.
Ideally, an organisation’s data should all be in one place. Microsoft’s enterprise-grade cloud app security can provide this as well as possessing tools that provide deeper visibility, comprehensive controls and complete protection against data breaches.
Microsoft’s Cloud App has advanced features which many cloud apps lack, such as data encryption, access restriction and the ability to remotely wipe devices if they are threatened.
It’s also important to monitor data consistently. Microsoft’s Cloud App has extensive data reports from right across the Office 365 spectrum, and this allows access to view how all users distribute data, so any security threats can be dealt with right away.
With this feature, data can also be classified with labels based on how sensitive that data is.
That data is then protected by Microsoft’s Azure Information Protection, which allows data to be controlled with regulation over which apps can use it. With this, all data can be stored in one or two cloud apps that are under control at all times.
Microsoft’s Cloud App can identify more than 15,000 apps and then assess the risk of each of those apps based on 60 different parameters. Each app will then be assigned a risk score, based on how much of a threat it is to the security of your data.
It can also identify various types of ransomware based on a built-in template, as well as search for any unique extensions.
An organisation’s security can also be breached by workers using the same password across many different websites. The security concern here is obvious.
Microsoft’s Identity Manager is the key to preventing this kind of problem as it can map and discover permissions across multiple systems per user while still upholding a shared identity for your users.
ID Manager also has the ability to equip users with effective tools such as group membership and self-password. It synchronises identities between directories, databases and apps as well as increasing admin security with privileged access and roles that can be assigned.
This allows data to be protected by mapping permissions across multiple systems to assignable roles, as well as reducing the number of usernames and passwords needed to login by unifying access.
Roles are completely customisable and visible so there is a degree of control to who is accessing a particular system and when.
Like all Microsoft apps, ID has detailed reports on the history of the identities in the system which includes custom emails and all other items that have been changed across the entire network.
As has been evidenced in the news on numerous occasions, even the most powerful companies can have data breaches.
These publicly reported incidents only further highlight the need for organisations to keep up with the latest developments among cybercriminals, who are always seeking to come up with innovative new ways to thwart systems and to mislead users.
New methods of attack are regularly being developed almost as fast as most security methods can keep pace with them.
Symantec’s yearly Internet Security Threat Report and California’s Annual Data Breach Report go a long way in informing companies of the latest trends and threats that are on the way.
However, awareness without applying the knowledge into practice is meaningless. Microsoft’s security suite is an excellent option for an almost instant, no-fuss security set up at a relatively low cost.
Security is a persistent issue: the now constant use of the internet for things such as cloud storage, testing and video calls shows that a robust security system that encompasses online use and cloud storage is paramount.
Where Microsoft provides the cloud infrastructure solutions, this allows DevOps to continue their work without the worry that their efforts will be compromised by a cybercriminal.
DevOps also provides an insight into exactly what attacks would be the most devastating for a workplace, as well as a host of other key service features such as a detailed system analysis, faster code releases and a continuous deployment delivery life cycle, to name just a few.
To find out more about how Microsoft Cloud Solutions and DevOps as-a-service can help protect your business from a cyber-attack, contact our senior software security experts today.