The most valuable resource a company has is its data. The customer profiles, financial information and market research that a company collects in due course during standard business operations is what makes a company unique. It defines the corporation’s DNA and is the pool of data that can be drawn from to plan out the future direction the company will follow.
So, how do you protect this data against cyber threats in the digital age?
Robust Passwords
At every level, company personnel need to utilize complex, secure passwords. A secure password includes:
- At least 8 characters.
- A symbol, number and upper/lower case letters.
- Company-wide standard operating procedures that require regular password changes.
- Implementation of Random Password Generators which create passwords complex enough to hold the majority of hackers at bay.
- Company policies that prohibit employees from sharing passwords.
Patch and Update Business Software Regularly
SAP, on average, takes 8 months to patch and release updates to address security concerns in the products and services they provide companies (source: PCWorld). Companies that use SAP software need to remain in close contact with SAP’s support team and make sure they’re reviewing the security updates published to SAP’s proprietary reporting system.
Optimize Custom Software for Security
One of the most critical areas of vulnerability in software lies in the deployment of remote assets on client devices. For companies providing access to proprietary information on outside devices, masking critical customer input and transmissions both in-transit, and locally is key to maintaining security. As outside sources access your API, it’s possible that clients with infected machines can be put at risk; both in terms of their personal data, and your proprietary information being transmitted.ERPScan published a White Paper outlining the vulnerabilities their customers face, specifically relating to XSS vulnerabilities. For companies transmitting secure, or potentially sensitive information, it’s important to understand the areas of SAP’s software that has resulted in more than 22% of all reported SAP system vulnerabilities over the past 12 years.
Booting from a Clean Image on Workstations
Powerful hardware security suites are available to corporate users that allows for machines to be booted from a clean system image every time the system is power-cycled. The value of booting from a clean system image is that any Trojans, like the infamous TeslaCrypt 3.0, can quickly be removed from the system with a clean wipe / restore with every power-cycle.
The software that allows for clean reboots is almost always paired with an enterprise level login system that networks the systems together. As 99% of the data used by employees in the workforce exists in the cloud (either intranet or internet-based), the clean disk image doesn’t require the loss of critical company or user data. The image that is booted into will contain the required software and stored configuration files, so data can quickly be resynced and executed in a safe environment for employees of all technical skill levels.