THERE
IS NO SILVER BULLET WHEN IT COMES TO DATA ATTACKS
We never actually know what the bad guys are up to until they do their dirty work and we learn about it after the fact. The best we can do to preserve our data is to take substantial preventative measures.
Whatever
your environment, you are strongly advised to take security seriously.
Many organizations make the mistake of underestimating the value of their
information
technology
(IT) environment, generally because they exclude substantial indirect costs.
If an attack on the servers in your environment is severe enough, it could
greatly damage the entire organization. For example, an attack in which
your corporate serveris brought
down and causes a major loss of revenue or customer confidence might lead
to the collapse of your corporation’s profitability. When evaluating security
costs, you should include the indirect costs associated with any attack,
as well as the costs of lost IT functionality.
Vulnerability,
risk, and exposure analysis with regard to security informs you of the
trade offs between security and usability that all computer systems are
subject to in a
networked environment.
The first step in protecting your data is to create policies,procedures & awareness within your organization. The next is “lock the door”, yes the door to the computer room. Many cases of data attacks can be attributed to physical loss of the computer server or data receptacle. If the door is left unlocked, anyone can physically steal the unit. The next step is to provide a strong perimeter, VPN, quarantine and firewalls can provide good perimeter protection. Protecting the Host or workstation (i.e. PC) is the next important step, hardening the operating system, strong password authentication protection, update management and maybe even HIDs or Human Interface Devices for positive user ID. Finally hardening applications, providing antivirus solutions and data encryption will also help to protect your data.
Unless all these steps are taken and maintained you run a certain risk of attack, all you can do is to reduce your susceptibility to attacks. We will probably never get ahead of the bad guys, but what we can do is to make their job increasingly difficult.