Data security is one of the most critical challenges facing businesses today. According to the IBM X-Force Trend and Risk Report, the U.S. Accounts for 50% of the world’s data breaches with an average of 2 million attacks a week. Over 600 million records have been stolen from 4,000 successful data breaches since 2005.
After a successful breach, the damage to a company’s reputation can be staggering, and the financial impact can be astronomical. Companies often face lawsuits, fines from loss of confidential information and high remediation costs. This encourages a culture of silence and fear among network administrators.
Securing the network is the key
One of the easiest ways that a hacker can gain access to a company’s network is by exploiting flaws in Microsoft Outlook to gain access to employ email accounts. When introduced, Microsoft Outlook 2010 contained many new security features to combat some of the more popular exploits. Users were given new tools, such as reading email in plain-text format, turning off the preview pane, and blocking certain attachments that made it harder for hackers to penetrate vulnerable networks. Microsoft Outlook 2013 further enhanced security by analyzing plug-ins and scripts designed to run as add-ons and disabling those that caused issues with the popular email client.
Although the changes made to Microsoft Office have greatly improved the security of email, it is still possible for computers and servers to be compromised. Products such as gpg4o or Symantec Encryption assist network administrators in securing their company data through encryption. The Symantec Encryption software suite offers a multi-faceted solution to protect files and folders, server endpoints and email. Based on PGP technology, the software uses a unique digital signature to encrypt the data. Symantec offers both server and client-level encryption services. In the server environment, the encryption services are transparent to the user. However, this is not always a feasible solution because some companies will use third-party email hosts to contain costs. In these cases, Symantec offers a client-based solution that functions as a plug-in to Microsoft Outlook to encrypt email on an employee’s computer using a two-part digital signature. The recipient must use a keyfile obtained from the sender to decrypt and read the email.
Cooperation is essential
Management and network administrators must work together to develop a plan to ensure that hardware and software upgrades are performed on a regular or as-needed basis. Clear policies must be put into place for employees to understand their role in protecting company data when using network resources in-house or off-site on their on devices. Reviewing these policies often and evolving with changing technology are the keys to successfully securing confidential data.