Every day there seems to be a new victim of a massive data breach, making them seem more normal than ever before.
Although the aftermath of a breach can be quite costly and have extreme legal ramifications, there is one good thing that may be coming from these attacks- companies are learning.
As we learn each day about how to better protect our online assets and credentials, companies are leading by example and now know what to look out for and how to better protect themselves. More and more companies have begun to realize that they could be the next victim and are learning from other companies’ mistakes to help prevent these attacks from occurring.
For example, the Target & Home Depot data breaches. These breaches could have been easily avoided by implementing a hardened build standard with precision change detection (the PCI DSS recommends using the CIS Benchmarks as the best hardening standard to adopt). Hardening coupled with breach detection technology (FIM-based Host Intrusion Detection system or HIDS), would ensure that, even if a breach was successful, at least you would be alerted to the issue immediately and be in a position to take action to prevent any card data loss.
Another example, the Experian T-Mobile breach. This breach affected over 15 million T-Mobile customers who had applied for Experian credit checks. With Experian’s business running solely by collecting data from millions of people around the globe, it’s even more important for data collecting businesses like these to use best security practices to ensure compliance & data protection of its consumer’s credentials.
The notion of security best practices have been established for a reason, and without them in place, breaches will continue to intensify and affect millions of people around the world. NNT’s Change Tracker Gen7 equips any organization with best in class Breach Detection & Prevention solutions like File Integrity Monitoring and Change & Configuration Management to help protect for consumers credentials and information from a possible data breach.