<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: RebeccaBeris</title>
    <description>The latest articles on DEV Community by RebeccaBeris (@rebeccaberis_24).</description>
    <link>https://dev.to/rebeccaberis_24</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F185400%2F9622618a-4afc-46ef-be8b-146765146749.jpeg</url>
      <title>DEV Community: RebeccaBeris</title>
      <link>https://dev.to/rebeccaberis_24</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/rebeccaberis_24"/>
    <language>en</language>
    <item>
      <title>How Data Loss Can Impact Your Business and How to Prevent It</title>
      <dc:creator>RebeccaBeris</dc:creator>
      <pubDate>Wed, 31 Jul 2019 13:49:31 +0000</pubDate>
      <link>https://dev.to/rebeccaberis_24/how-data-loss-can-impact-your-business-and-how-to-prevent-it-3h9p</link>
      <guid>https://dev.to/rebeccaberis_24/how-data-loss-can-impact-your-business-and-how-to-prevent-it-3h9p</guid>
      <description>&lt;p&gt;&lt;a href="https://res.cloudinary.com/practicaldev/image/fetch/s--wJjHg1X1--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/w39tgl4n2a30qsd21l0v.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://res.cloudinary.com/practicaldev/image/fetch/s--wJjHg1X1--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/w39tgl4n2a30qsd21l0v.jpg" alt=""&gt;&lt;/a&gt;&lt;br&gt;Image by Gerd Altmann from &lt;a href="https://pixabay.com/illustrations/data-data-loss-missing-data-process-2764820/"&gt;Pixabay&lt;/a&gt;
&lt;/p&gt;

&lt;p&gt;I find it alarming that after a disaster such as a data leak or data loss event, &lt;a href="https://www.sherweb.com/blog/security/statistics-on-data-loss/"&gt;93% of businesses&lt;/a&gt; never recover and close within a year. If disaster strikes, a backup of your files, one you have actually tested by restoring from it, lets you recover the data and minimize the loss. &lt;/p&gt;

&lt;p&gt;If data loss does occur, its impact on your business will depend greatly on the quantity and sensitivity of the affected data, as well as on the strength of your disaster recovery plan. Read on to learn how data loss can impact your business and which tips and tools help prevent it.&lt;/p&gt;

&lt;h2&gt;
  
  
  How Data Loss Can Impact Your Business
&lt;/h2&gt;

&lt;p&gt;The amount of data in the world is growing exponentially, and backing it up in more than one location is essential. If you are not performing daily backups, your risk of losing valuable data is high. The impact of a data loss event is felt in every part of the organization, and its severity depends in great measure on the effectiveness of the recovery plan. &lt;/p&gt;

&lt;p&gt;Some of the effects of a data loss event are as follows: &lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Disrupts productivity&lt;/strong&gt;—organizations without a solid data recovery plan take a hit in productivity, since processes are left incomplete for lack of documents and resources. Moreover, employees have to be redirected to recreate the lost data instead of doing their usual work.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Damages reputation&lt;/strong&gt;—many data loss cases involve client data, often sensitive data. This damages your reputation, and clients leave because they now view your business as unreliable. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Sales loss&lt;/strong&gt;—most organizations depend on data to run the sales process smoothly. In the event of data loss an ecommerce website, for example, can be rendered inoperative, losing thousands of dollars in potential sales: users cannot make purchases until the data is restored. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Going out of business&lt;/strong&gt;—in the event of severe data loss, for example a company losing its data center for ten days or more, over 93% of companies do not survive. This is the consequence of not having a backup and recovery plan. After a data loss disaster it may take weeks to restore operations, and during that time the company still has to meet payroll and other payments while generating no income. Many organizations burn through their available capital and never recover from the hit. &lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Causes of Data Loss
&lt;/h2&gt;

&lt;p&gt;The causes of data loss range from natural disasters to hard drive failure and malicious activity. &lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Hard drive failure&lt;/strong&gt;—wear and tear eventually cause a hard drive to fail, and a drop in performance, bad sectors or SMART warnings are clear indicators that failure is close. At that stage, transfer the data to a new drive before the old one dies; better still, keep a current backup so that the warning is not your only safety net. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Hard drive formatting&lt;/strong&gt;—mistakenly formatting a drive is a common cause of data loss. Because some installations (an operating system reinstall, for example) format the drive as part of the process, take a backup beforehand. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Power outages&lt;/strong&gt;—&lt;a href="https://cdn2.hubspot.net/hubfs/3152806/Stealth%20Software%20May%202017%20Theme/PDF/Disaster%20recovery%20preparedness%20benchmark%20survey%20-%20Version%201.0.pdf?t=1495688843930"&gt;20% of companies&lt;/a&gt; have experienced data loss as a result of a sudden power outage. A hosting provider with redundant power, or a UPS and generator on premises, buys the time to shut systems down cleanly so that pending writes reach disk instead of being lost. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Human error&lt;/strong&gt;—many data loss events are the result of an employee deleting data by mistake. With a backup in place the documents can be restored easily; keep several backup versions, since the deletion may not be noticed for days. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Malicious attacks and malware&lt;/strong&gt;—external attacks such as malware and unauthorized access can result in stolen data being used to commit fraud against your organization or its clients, and ransomware can leave data encrypted and unusable. Insider threats are also increasingly common, with rogue employees accessing the network to cause damage or steal sensitive data. One mitigation is to limit each employee's access to the data their job requires (least privilege). &lt;/li&gt;
&lt;/ul&gt;
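&lt;p&gt;A backup only counts once a restore from it has been checked. The following Python example is added here and is not part of the original article: it records a SHA-256 manifest of the source tree at backup time and compares a restored copy against it, reporting files that are missing, modified or unexpected. The directory layout, file contents and the deliberately damaged restore are constructed for the demonstration.&lt;/p&gt;

```python
"""Build a SHA-256 manifest of a backup source and verify a restore against it."""
import hashlib
import os
import shutil
import tempfile


def sha256_of(path):
    """Stream a file through SHA-256 so large files never need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map every file under root (by relative path) to its SHA-256 hex digest."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_of(full)
    return manifest


def verify_restore(manifest, restored_root):
    """Compare a restored tree against the manifest taken at backup time.

    Returns a sorted list of (relative_path, problem) tuples; an empty list
    means the restore reproduced every file byte for byte.
    """
    problems = []
    restored = build_manifest(restored_root)
    for rel, expected in manifest.items():
        actual = restored.get(rel)
        if actual is None:
            problems.append((rel, "missing"))
        elif actual != expected:
            problems.append((rel, "modified"))
    for rel in restored:
        if rel not in manifest:
            problems.append((rel, "unexpected"))
    return sorted(problems)


def demo():
    """Constructed scenario: back up three files, damage the restore, then check it.

    Returns the problem list so a caller can inspect (or assert on) the outcome.
    """
    with tempfile.TemporaryDirectory() as work:
        source = os.path.join(work, "source")
        os.makedirs(os.path.join(source, "invoices"))
        with open(os.path.join(source, "customers.csv"), "w") as fh:
            fh.write("id,name\n1,Example Customer\n")
        with open(os.path.join(source, "invoices", "2019-07.pdf"), "wb") as fh:
            fh.write(b"%PDF-1.4 constructed sample\n")
        with open(os.path.join(source, "notes.txt"), "w") as fh:
            fh.write("quarterly notes\n")

        manifest = build_manifest(source)   # taken when the backup is made
        restore = os.path.join(work, "restore")
        shutil.copytree(source, restore)    # stands in for the restore job

        # Simulate what a partial or corrupted restore looks like.
        os.remove(os.path.join(restore, "notes.txt"))                 # file lost
        with open(os.path.join(restore, "customers.csv"), "a") as fh:
            fh.write("2,Injected Row\n")                              # content changed
        with open(os.path.join(restore, "stray.tmp"), "w") as fh:
            fh.write("left over by the restore tool\n")               # extra file

        return verify_restore(manifest, restore)


if __name__ == "__main__":
    for rel, problem in demo():
        print(problem, rel)
```

&lt;p&gt;Keep the manifest with the backup and a copy elsewhere; verifying every test restore against it turns "we have backups" into "we can restore", which is the question that matters after any of the events listed above.&lt;/p&gt;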

&lt;p&gt;A Data Loss Prevention solution addresses the leakage side of this list, the human error and malicious cases, as the following sections explain; the physical causes are covered by backups and redundancy.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Is Data Loss Prevention?
&lt;/h2&gt;

&lt;p&gt;Data Loss Prevention (DLP) is the practice of ensuring that users do not send sensitive or critical information outside the organization's network. Note that "loss" here means leakage to unauthorized parties rather than the destruction of data discussed above. DLP solutions are software products that help organizations control which data users can transfer. &lt;/p&gt;

&lt;p&gt;DLP solutions classify confidential and critical information and protect it from leaking to unauthorized parties. As insider threats continue to grow, regulations are becoming stricter about data access requirements. Some DLP tools also inspect network traffic, protecting data in transit. &lt;/p&gt;

&lt;h2&gt;
  
  
  How a DLP Solution Can Shield Your Business from Disaster Impact
&lt;/h2&gt;

&lt;p&gt;Implementing a DLP solution starts with discovering and monitoring the organization's data. Determining which data is critical to protect, establishing rules to protect it, and defining a process for updating the plan are the key elements of a successful Data Loss Prevention plan. It is important to involve all relevant stakeholders and to foster a data protection culture across the organization. &lt;/p&gt;

&lt;p&gt;DLP software classifies an organization's confidential and sensitive information and detects policy violations. DLP products often come with built-in policies reflecting the requirements of standards such as GDPR, HIPAA or PCI DSS. &lt;/p&gt;

&lt;p&gt;Once the DLP software detects a violation, it takes protective measures such as raising an alert, blocking the transfer, encrypting the data or quarantining the affected content. Depending on where they are deployed, DLP solutions cover data at rest, in use and in transit. &lt;/p&gt;
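&lt;p&gt;The classify, detect and act sequence described above can be made concrete. The Python example below is added here and is not from the original article or from any DLP product: it scans outbound text for payment card numbers (validated with the Luhn checksum so that random digit runs are not flagged) and US Social Security numbers, maps each finding to a policy action, and produces a redacted copy. The regular expressions, the policy table and the sample messages are constructed assumptions for the demonstration.&lt;/p&gt;

```python
"""Content-inspection core of a DLP policy: classify text, decide an action, redact."""
import re

# Candidate card numbers: 13 to 19 digits, optionally separated by spaces or dashes.
PAN_CANDIDATE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# US Social Security number layout; this is a format match only, no checksum exists.
SSN_PATTERN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

# Policy table (constructed): label mapped to the action taken and the rule behind it.
POLICY = {
    "pci_pan": {"action": "block", "regulation": "PCI DSS"},
    "pii_ssn": {"action": "alert", "regulation": "internal PII policy"},
}

# Constructed sample messages, as an email or chat DLP filter would see them.
SAMPLE_MESSAGES = [
    "Hi, please charge card 4111 1111 1111 1111 for the order, thanks!",  # Luhn-valid
    "Ticket 1234 5678 9012 3456 was closed yesterday.",                    # fails Luhn
    "New hire SSN is 123-45-6789, add to payroll.",
    "Quarterly numbers attached, nothing sensitive here.",
]


def luhn_valid(digits):
    """Luhn checksum used by payment card numbers; filters out random digit runs."""
    total = 0
    for position, char in enumerate(reversed(digits)):
        value = int(char)
        if position % 2 == 1:
            value = value * 2
            value = value // 10 + value % 10   # same as subtracting 9 from 10..18
        total += value
    return total % 10 == 0


def classify(text):
    """Return a list of (label, matched_text) findings for one message or file."""
    findings = []
    for match in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group(0))
        if luhn_valid(digits):
            findings.append(("pci_pan", match.group(0)))
    for match in SSN_PATTERN.finditer(text):
        findings.append(("pii_ssn", match.group(0)))
    return findings


def decide(findings):
    """Most severe action wins: block beats alert beats allow."""
    actions = {POLICY[label]["action"] for label, _ in findings}
    if "block" in actions:
        return "block"
    if "alert" in actions:
        return "alert"
    return "allow"


def redact(text, findings):
    """Mask each finding, keeping the last four digits of a card number for support use."""
    for label, matched in findings:
        if label == "pci_pan":
            digits = re.sub(r"[ -]", "", matched)
            replacement = "[PAN ****" + digits[-4:] + "]"
        else:
            replacement = "[" + label.upper() + " REDACTED]"
        text = text.replace(matched, replacement)
    return text


def scan(text):
    """One DLP pass over outbound content: classify, decide, and produce a safe copy."""
    findings = classify(text)
    return {"action": decide(findings), "findings": findings, "redacted": redact(text, findings)}


if __name__ == "__main__":
    for message in SAMPLE_MESSAGES:
        result = scan(message)
        print(result["action"].upper(), "|", result["redacted"])
```

&lt;p&gt;Run over base64-encoded or encrypted content, the same scanner returns no findings at all; that is the encryption limitation listed below in practice, since content inspection only works on data the DLP system can see in the clear.&lt;/p&gt;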

&lt;p&gt;Deploying a &lt;a href="https://www.exabeam.com/dlp/data-loss-prevention-policies-best-practices-and-evaluating-dlp-software/"&gt;DLP solution&lt;/a&gt; should follow best practices, including an incident response process for the alerts it raises, as the linked article describes. &lt;/p&gt;

&lt;p&gt;That said, installing a DLP solution is not a silver bullet, and the technology has some limitations: &lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Rich media&lt;/strong&gt;—most DLP tools cannot parse and classify the content of images and video, so a photographed or screenshotted document passes through unflagged. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Encryption&lt;/strong&gt;—a DLP system can only inspect encrypted data that it is able to decrypt, for example TLS traffic terminated at an inspecting proxy. Data encrypted with keys the DLP operators do not hold passes through as opaque ciphertext and is never classified. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Mobile&lt;/strong&gt;—a DLP solution cannot track some types of mobile communication, such as messages sent from an employee's personal phone. &lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;There are three main types of DLP solutions:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;#1. Network DLP&lt;/strong&gt;&lt;br&gt;
It is deployed at the network's egress points. This solution monitors, tracks and reports on the information passing through them, and it protects web, email and FTP traffic because it sits in the network path. It keeps a record detailing data usage and access.  &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;#2. Storage DLP&lt;/strong&gt;&lt;br&gt;
Discovers and classifies data at rest, controlling the information that employees share and retain and alerting on files that are stored or shared in a way that exposes them to leakage. It covers both on-premises and cloud storage. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;#3. Endpoint DLP&lt;/strong&gt;&lt;br&gt;
With the ever increasing number of endpoints across organizations, such as workstations, laptops, smartphones and tablets, the risk of data leakage has grown accordingly. This solution installs an agent on each endpoint to monitor and prevent leakage of sensitive information, including through removable media, printing and clipboard copies, even when the device is off the corporate network.  &lt;/p&gt;

&lt;h2&gt;
  
  
  The Bottom Line
&lt;/h2&gt;

&lt;p&gt;A data loss event can prove a real disaster for any organization, putting its very survival at risk. Having a good disaster recovery plan as well as an incident response plan is important, but sometimes it is not enough when facing the loss of sensitive or third-party data. A Data Loss Prevention tool can help prevent leaks and minimize the damage, improving the chances of bouncing back after a disaster. &lt;/p&gt;

</description>
    </item>
    <item>
      <title>Be Prepared! Common Web Application Security Vulnerabilities</title>
      <dc:creator>RebeccaBeris</dc:creator>
      <pubDate>Mon, 24 Jun 2019 11:28:19 +0000</pubDate>
      <link>https://dev.to/rebeccaberis_24/be-prepared-common-web-application-security-vulnerabilities-5b39</link>
      <guid>https://dev.to/rebeccaberis_24/be-prepared-common-web-application-security-vulnerabilities-5b39</guid>
      <description>&lt;p&gt;&lt;a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fthepracticaldev.s3.amazonaws.com%2Fi%2Fb491meo7gi62qfgoc7v6.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fthepracticaldev.s3.amazonaws.com%2Fi%2Fb491meo7gi62qfgoc7v6.jpg"&gt;&lt;/a&gt;&lt;br&gt;&lt;a href="https://pixabay.com/illustrations/internet-computer-screen-monitor-1593448/" rel="noopener noreferrer"&gt;Pixabay&lt;/a&gt;
&lt;/p&gt;

&lt;p&gt;The number of businesses operating in the cloud grows every day. Consumer demand for 24/7 access to data is pushing organizations to make that data available through web applications, online banking and e-stores. Attackers see in this exposure an opportunity to get hold of sensitive information, such as credit card data, and misuse it. &lt;/p&gt;

&lt;p&gt;Companies looking to improve the security of their websites and applications apply web application security practices and tools. In this article you'll learn what web application security is, what the most common web app vulnerabilities are, and best practices for protecting your web applications. &lt;/p&gt;

&lt;h2&gt;
  
  
  What Is Web Application Security?
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://searchsoftwarequality.techtarget.com/definition/application-security" rel="noopener noreferrer"&gt;Web application security&lt;/a&gt; is a branch of information security that specializes in the security of websites, web applications and web services.  Given the growing need for security solutions and resources, several initiatives were taken by developers and organizations. &lt;/p&gt;

&lt;p&gt;The Open Web Application Security Project (OWASP), founded in 2001, is a non-profit organization whose goal is to improve the security of software and web applications. It gathers data from many security organizations and compiles a list of the most critical web security risks, the OWASP Top Ten. OWASP also released &lt;a href="https://resources.whitesourcesoftware.com/home/owasp-dependency-check" rel="noopener noreferrer"&gt;OWASP Dependency-Check&lt;/a&gt;, a free software composition analysis tool that identifies a project's dependencies and checks them for known vulnerabilities. &lt;/p&gt;

&lt;h2&gt;
  
  
  The Most Common Web App Security Vulnerabilities
&lt;/h2&gt;

&lt;p&gt;Web application vulnerabilities result from human error or improperly applied security measures, such as missing input validation and output encoding. Attackers can use a range of methods to manipulate a database or disrupt an entire network. OWASP ranks vulnerabilities according to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Exploitability&lt;/strong&gt;—how easy is the vulnerability to exploit? The less skill and tooling an attacker needs to compromise the system, the higher the exploitability. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Detectability&lt;/strong&gt;—how easy is the vulnerability for an attacker to find? &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Impact&lt;/strong&gt;—the amount of damage that can be done if the vulnerability is exploited. &lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Attackers can exploit vulnerabilities using different methods, including:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;SQL Injection&lt;/strong&gt;—an attacker can read or modify the back-end database by making the web application execute attacker-controlled SQL. Prevent it with parameterized queries (prepared statements), so that user input is never concatenated into SQL, and validate input. Suppressing detailed database error messages denies the attacker useful feedback, but on its own it does not close the hole. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Cross Site Scripting&lt;/strong&gt;—also known as XSS. Attackers use XSS to execute scripts in the victim's browser. When an application takes untrusted data and sends it to the browser without proper encoding, an attacker can hijack session cookies, deface websites or run malware on the victim's machine. It can be prevented. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Broken Authentication and Session Management&lt;/strong&gt;—when a user logs out but the session is not invalidated on the server side, the session identifier remains valid. An attacker who obtains it, from a shared machine or a stolen cookie, can resume the previous session and access its data. Prevent this by invalidating sessions on logout, issuing a fresh session ID on login, and defining your authentication and session management requirements according to the OWASP Application Security Verification Standard. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Insecure Direct Object Reference&lt;/strong&gt;—an attacker takes an exposed reference to an internal implementation object (a file name or a database key, for example) and changes it to reach other objects and data they are not authorized to see. Avoid such breaches by enforcing an access control check on every object reference on the server side, rather than relying on the reference being hard to guess.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Security Misconfiguration&lt;/strong&gt;—when secure settings are not defined and deployed for every part of the stack (web server, framework, database, cloud services), attackers can gain access to sensitive data and compromise its confidentiality or the functionality of the system. Maintaining a sound application architecture and up-to-date software helps keep the system secure. Disabling directory listings, removing default accounts and sample applications, and implementing access control checks are also good practice. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks&lt;/strong&gt;—attackers overload a targeted server with large volumes of traffic, saturating its bandwidth or resources. The server can no longer process incoming requests effectively, slows down and eventually denies service to legitimate users. Mitigations include rate limiting and anti-automation controls, account lockout policies designed so that they cannot themselves be abused to lock out legitimate users, and upstream DDoS protection; test these controls, including against HTTP-level DoS, as part of your security testing. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Buffer overflow&lt;/strong&gt;—attackers supply more input than a buffer can hold, overrunning its boundaries so that adjacent memory locations are overwritten. This can corrupt data or crash the program, and if the attacker controls what gets overwritten it can let them execute their own code on the targeted machine. Memory-safe languages, bounds-checked APIs and compiler and OS mitigations reduce the risk. &lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  How Can I Secure My Web Applications?
&lt;/h2&gt;

&lt;p&gt;There are several best practices and tools that can help protect against application layer attacks. One is to put a barrier in place in the form of a Web Application Firewall (WAF), which inspects HTTP requests and can block attacks such as cross-site request forgery, cross-site scripting and SQL injection. A WAF is a perimeter control that filters known attack patterns; it complements, rather than replaces, fixing the vulnerabilities in the application itself. &lt;/p&gt;

&lt;p&gt;&lt;a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fthepracticaldev.s3.amazonaws.com%2Fi%2Fbbw1m6x6w88f9tdh8bml.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fthepracticaldev.s3.amazonaws.com%2Fi%2Fbbw1m6x6w88f9tdh8bml.png"&gt;&lt;/a&gt;&lt;br&gt;&lt;a href="https://upload.wikimedia.org/wikipedia/commons/thumb/c/c7/WAF_Archi.png/800px-WAF_Archi.png" rel="noopener noreferrer"&gt;Diagram from Wikimedia&lt;/a&gt;
&lt;/p&gt;
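&lt;p&gt;For SQL injection the application-level fix is to stop building queries from strings. The following Python example is added here and is not code from the original article: it shows the same user lookup written with string concatenation and with a bound parameter against an in-memory SQLite database, plus a login routine that verifies a salted PBKDF2 hash in application code. The table, the single account and the injection payload are constructed for the demonstration.&lt;/p&gt;

```python
"""Same login lookup written two ways: string concatenation versus bound parameters."""
import hashlib
import hmac
import secrets
import sqlite3

PBKDF2_ROUNDS = 100_000


def hash_password(password, salt_hex):
    """PBKDF2-HMAC-SHA256; the hash, not the password, is what the table stores."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), PBKDF2_ROUNDS
    ).hex()


def make_db():
    """In-memory user table with one constructed account (not real credentials)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, salt TEXT, pw_hash TEXT)")
    salt = secrets.token_hex(16)
    conn.execute(
        "INSERT INTO users VALUES (?, ?, ?)",
        ("alice", salt, hash_password("correct horse battery staple", salt)),
    )
    conn.commit()
    return conn


def find_user_vulnerable(conn, username):
    """Builds SQL by concatenation: attacker-supplied quotes change the query's meaning."""
    query = "SELECT username, salt, pw_hash FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchone()


def find_user_safe(conn, username):
    """Bound parameter: the driver sends the value separately; it is never parsed as SQL."""
    query = "SELECT username, salt, pw_hash FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchone()


def login(conn, username, password):
    """Parameterized lookup plus a constant-time hash comparison in application code."""
    row = find_user_safe(conn, username)
    if row is None:
        return False
    _name, salt, stored_hash = row
    return hmac.compare_digest(stored_hash, hash_password(password, salt))


def injection_demo():
    """Classic payload: closes the string, adds an always-true clause, comments out the rest."""
    db = make_db()
    payload = "' OR 1=1 --"
    return {
        # The vulnerable lookup hands back alice's row (salt and hash) for a nonexistent user.
        "vulnerable_returned_row": find_user_vulnerable(db, payload) is not None,
        # The parameterized lookup searches for a user literally named "' OR 1=1 --".
        "safe_returned_row": find_user_safe(db, payload) is not None,
        "login_ok": login(db, "alice", "correct horse battery staple"),
        "login_wrong_password": login(db, "alice", "not the password"),
    }


if __name__ == "__main__":
    for check, outcome in injection_demo().items():
        print(check, outcome)
```

&lt;p&gt;Note that the vulnerable lookup does not even need to bypass the password check to be dangerous: returning another user's salt and hash is enough for offline cracking, which is why the fix is the query shape and not the error message.&lt;/p&gt;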

&lt;p&gt;Other practices to protect your web applications include:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Keep up to date with the OWASP Top Ten&lt;/strong&gt;—check the OWASP &lt;a href="https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet" rel="noopener noreferrer"&gt;Web Application Security Testing Cheat Sheet&lt;/a&gt; regularly for information about newly known vulnerability classes and other security-related issues. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Audit your application security&lt;/strong&gt;—this creates a baseline from which to improve. An external application security audit gives you an independent view of the application's security, and refactoring the code according to its findings helps you build secure applications from the start. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Log your activities properly&lt;/strong&gt;—so the information is at hand when an incident happens. Instrument your application and store the logs in a form that can be parsed quickly and efficiently when they are needed, and ship them off the host so that an attacker who compromises it cannot erase them. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Use real-time security monitoring&lt;/strong&gt;—add a Runtime Application Self-Protection (RASP) tool or use an &lt;a href="https://www.ibm.com/support/knowledgecenter/en/SSW2NF_9.0.0/com.ibm.ase.help.doc/topics/c_applications.html" rel="noopener noreferrer"&gt;Application Security Management&lt;/a&gt; platform to protect your application from internal and external threats. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Encrypt everything&lt;/strong&gt;—it is important to consider encryption from every angle, including data at rest, not only in transit. That way, if someone can enter your server and clone or remove the drives, be they an internal or an external threat, the encryption makes the attackers' job more difficult. &lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Keep your hardware and software updated&lt;/strong&gt;—updating your resources based on the latest security releases is a tried and tested way to prevent security issues. There are tools that can help you automate the search for and implementation of security updates. &lt;/li&gt;
&lt;/ul&gt;
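&lt;p&gt;Two entries in the vulnerability list earlier, Broken Authentication and Session Management and Insecure Direct Object Reference, are fixed in application code rather than by a WAF or a patch. The Python example below is added here and is not part of the original article: a server-side session store that issues random tokens, rotates them and destroys them on logout, together with an invoice lookup shown first without and then with an ownership check. The session store API and the invoice table are constructed assumptions for the demonstration.&lt;/p&gt;

```python
"""Server-side session handling and object-level authorization in one small service."""
import secrets


class SessionStore:
    """Sessions live on the server; the client holds only an opaque random token."""

    def __init__(self):
        self._sessions = {}   # token: username

    def create(self, username):
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG, not guessable
        self._sessions[token] = username
        return token

    def user_for(self, token):
        return self._sessions.get(token)

    def rotate(self, token):
        """Issue a fresh token after login or privilege change (defeats session fixation)."""
        username = self._sessions.pop(token, None)
        if username is None:
            return None
        return self.create(username)

    def destroy(self, token):
        """Logout: remove the token server-side so a replayed cookie is worthless."""
        self._sessions.pop(token, None)


# Constructed invoice table: id mapped to owner and amount (no real data).
INVOICES = {
    1001: {"owner": "alice", "amount": 120.00},
    1002: {"owner": "bob", "amount": 75.50},
}


def get_invoice_idor(store, token, invoice_id):
    """Vulnerable: authenticates the caller but never checks who owns the object."""
    if store.user_for(token) is None:
        return ("error", "not authenticated")
    invoice = INVOICES.get(invoice_id)
    if invoice is None:
        return ("error", "not found")
    return ("ok", invoice)


def get_invoice(store, token, invoice_id):
    """Fixed: the object is returned only if the session's user owns it."""
    username = store.user_for(token)
    if username is None:
        return ("error", "not authenticated")
    invoice = INVOICES.get(invoice_id)
    if invoice is None or invoice["owner"] != username:
        # Same answer for "missing" and "not yours", so ids cannot be enumerated.
        return ("error", "not found")
    return ("ok", invoice)


def demo():
    """Walk through login, rotation, an IDOR attempt and logout; returns the observations."""
    store = SessionStore()
    first = store.create("alice")       # session issued at login
    rotated = store.rotate(first)       # e.g. after re-authentication or a privilege change
    results = {
        "old_token_dead": store.user_for(first) is None,
        "rotated_token_live": store.user_for(rotated) == "alice",
        "idor_leak": get_invoice_idor(store, rotated, 1002)[0],   # bob's invoice exposed
        "fixed_denied": get_invoice(store, rotated, 1002)[0],
        "own_invoice": get_invoice(store, rotated, 1001)[0],
    }
    store.destroy(rotated)              # logout
    results["after_logout"] = get_invoice(store, rotated, 1001)[0]
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(check, outcome)
```

&lt;p&gt;In a real deployment the store would also expire idle sessions and the token would travel in a cookie marked Secure, HttpOnly and SameSite; the point here is that both checks, "is this session still valid" and "does this user own this object", are answered on the server and never inferred from what the client sends.&lt;/p&gt;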

&lt;h2&gt;
  
  
  The Bottom Line
&lt;/h2&gt;

&lt;p&gt;By following these best practices, such as installing security patches, installing tools to monitor the servers in real-time and using security tools, you can set yourself on the right path to protecting your applications. Moreover, you contribute to building secure applications from the start by staying on top of the latest known vulnerabilities. This will ultimately strengthen your security posture and benefit your users. &lt;/p&gt;

</description>
      <category>security</category>
    </item>
  </channel>
</rss>
