Palo Alto Networks: 5 Ways To Deal With Access Theft Attacks




It is now clear that most cyber attacks begin with the theft of user access data through various fraudulent methods. These attacks range from those aimed at individual users, which usually seek bank statements, to those aimed at companies, which focus on acquiring the confidential access data needed to get into targeted corporate systems and databases in order to tamper with them.

Although there is a strong emphasis on describing developments in cyber attacks in general terms, little is being done about the sophisticated methods used to acquire user access data for use in attacks. There is a big gap in the fight against cyber attacks, as access data are increasingly being used outside of companies. Closing it requires taking the time to learn how access data is acquired and how cybercriminals use it.

Palo Alto Networks has offered five ways to address access data theft attacks:

1. Proactively prevent theft of personal access data

What methods can be applied in the processes, procedures and tools available to you today? For example, banks send e-mail messages to their customers stating that they will never request personal data via e-mail. Similar methods can be applied within the corporate environment: Does your company have an approved procedure for identifying the sender of an e-mail and verifying that the sender is legitimate? What capabilities does your company have today, as part of a procedure, to immediately detect attempts to steal electronic data? These capabilities include anti-phishing measures.

2. The best way to verify the identity of users

Ensuring clarity is the foundation of data protection strategies. You should always ask whether you have clear procedures for identifying sensitive information and accounts, and ensure that you can verify where and how users can access them. If these actions take place outside the company's framework, how do you apply policy controls? This can include limiting or even blocking users' access, or requesting additional verification information in some cases. How can these actions be effectively identified and applied at all times, regardless of which means of access is used, in a way that adapts automatically when needed?

3. Application of policy controls

In view of the rapid development of data access needs, how can dynamic, adaptable user access policy rules be applied smoothly and without major effort, for example when supporting new applications, resources and hardware associated with cloud computing? For example, you may be using multi-level authentication solutions. What would happen if you needed to add an application that does not support these solutions? On the other hand, as users and their connections to the databases change, how can you apply the controls and enforce the use of protection policies smoothly and quickly? Will you do this at the point of contact with the new application, at the point of verifying the identity of the user or the data he or she is trying to reach, or somewhere in between?

4. Detecting cases of misuse of access data, whether from inside or by foreign saboteurs

There is no doubt that the goal is always to prevent the misuse of access data, whether by an employee within the company or a terrorist from outside, but you must also ensure that these cases can be detected as they occur in order to reduce the damage. What procedures and capabilities are available that will allow you to detect any misuse of access data? Do you have the ability to detect any sudden change in user access, unusual activity, or change in a user's activity file? If one of these violations is detected, how do you isolate that user account entirely or, as the best option, isolate it at the data access point that is the source of the risk? What data can be collected to help you understand exactly what happened?

5. The importance of conducting experiments

Data protection experts are used to running periodic tests to check how well their networks resist electronic penetration, but you have to ask how many times you have tested the extent of the damage that can be caused by "valid" access data if it is used from a personal device outside your company network. You should identify potential scenarios that can have a significant impact on your data security level, and ensure that the necessary tests of your capabilities are performed so that you can detect and prevent access misuse when needed.

Greg Dai, Vice President and Head of Information Security at Palo Alto Networks, Europe, Middle East and Africa, said: “It must be said that the phenomenon of data entry theft will not disappear soon, especially as it is very effective for accessing various devices. It will become more widespread as one of the most important means used to enable electronic penetration.”
