Knowledgebase
Security issues
Posted by Michael Skoupý, Last modified by Štěpán Horký on 11 June 2019 01:44 PM

Introduction

Security issues simply and comprehensibly describe the company security status and of specific communication channels. Security issues and related recommendations, are based on what data has been monitored in the company environment, what employee activities have been and what security rules have been set in Safetica. If security issues are not handled, they are a threat to sensitive data and to the workspace.

Security issues are new in Safetica 9.0. They are visible in WebSafetica console and Security Audit report.

What are the levels of security issues? 

Security issues are color-coded accordingly to the severity and risk they pose to the company. There are 3 levels in total. 

Serious security problem

A serious safety problem is the highest level of risk for the company and immediate attention should be paid to its treatment. For example, a serious security problem may arise in situations where there are insufficient security rules to prevent leakage of sensitive data, or basic security rules is missing.

Example: 10 sensitive data files have been sent from your company by webmail services, which are not controlled.

Security problem

A security problem arises in situations, where company has basic security rules, but for example, there are no additional security settings.

Example: You don't have regular company security e-mail messages set up. 

Treated security problem 

If the measures are sufficient, the safety problem is labeled as treated. However, attention should continually paid to the situation and regularly checked, that the security settings are reflecting the company's current requirements.

Example: You have set security policies for webmail services, where can be sensitive files uploaded.

What are the types of security issues and how to treat them? 

Security issues cover a number of areas, below are some of them.

Basic or additional settings are missing

The recommended basic measures include setting up immediate warnings or regular e-mail alerts. If a security incident occurs, a quick response through immediate warnings is important to minimize negative impacts. Responsible persons can therefore immediately deal with a risky issue. Also, a regular review of the company's security status via regular reports is an important part of the overall security strategy.

To improve your company's security, we recommend the following:

  • Set instant email alerts for any security incidents you want to track. 
  • Check that the instant warnings are up-to-date and addressed to responsible persons. 
  • Set automated reports to all relevant areas. 
  • Check that the reports are up-to-date and are addressed to the responsible persons. 

You can find out how to set up an immediate warning or regular e-mail reports in the Safetica documentation. 

Missing identification of sensitive company data

Without experience what is company sensitive data, it is not possible to create an effective security policies and prevent sensitive data leaks.

To determine what sensitive company data is, we recommend the following:

  • Check the files that employees are working with and identify sensitive data. 
  • Evaluate which files are leaving your company via individual channels. Check if files should be categorized as sensitive. 

More information on how to identify sensitive company data can be found in the Safetica documentation. 

Missing treatment of the communication channel, through which sensitive data flows

Sensitive data can escape from company through various communication channels such as USB flash drives, e-mail messages with attachments, websites, cloud storage, and others. Each communication channel represents a specific risk to your sensitive files and therefore, it is necessary to treat all communication channels. One of the most common methods of data leakage is, for example, transferring large volumes of sensitive files to a USB flash drive. It's a very easy and fast way for a company to lose control of its data. Subsequent loss or theft of a USB flash drive will result in critical data getting into the wrong hands.

To treat communication channels, we recommend the following:

  • Determine and check which communication channel is suitable for transmitting sensitive data. 
  • Restrict or disable other communication channels to transfer sensitive data using DLP policies. 
  • Determine the trusted target locations for sensitive data.
  • View alerts sent to employees if sensitive files leak out via non-authorized channel. 
  • Set up email alerts, triggered by copying of large amount of files. 
  • Provide employee training, on standard security procedures when working with sensitive data. 

Please refer to the Safetica documentation in order to set up DLP policies, restrict inappropriate channels, or create alerts.

Lack of restrictions for high-risk applications or sites 

Understanding which applications or sites employees visit, helps companies to discover security risks and where to improve user productivity.

To reduce high-risk employee activities, we recommend the following:

  • Set policies for applications and websites to prevent the use of risky or dangerous websites and applications. 
  • Set up regular automated reports on used applications and visited websites
  • Check which applications and websites are being used. Evaluate if the categories of websites need editing. 

How to reduce risky applications and websites can be found in the Safetica documentation. 

(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: