It’s Data Privacy Day – a day on the calendar where we are reminded to reinforce the best practices that will keep our enterprise data safe and secure. CTERA’s Field CTO, North America, Saimon Michelson, shared with us some tips to keep in mind when it comes to ensuring data safety.
1. Build high walls around data you store in the cloud:
- Ensure that you generate and own your data encryption keys, and no one – not even your cloud provider – can access or control them. Completely protecting your data from any third party will ensure your data is not exposed in the event of a hack.
- Understand options for multi-cloud deployments and for developing a private cloud that can be fully deployed in your datacenter where critical assets can be stored.
2. Instill a secure “zero trust” culture internally
- Email security: Enable advanced phishing protection enabled in user mailboxes and remind users often not to click on suspicious links in email
- Patching VMs: For technical teams, take extra care to install security patches on your virtual machines and cloud instances, focusing especially on Windows machines and Active Directory. If you own server machines that have not been updated recently, run Windows Update ASAP.
- Zero trust: Assume there are malicious actors in your internal network and do not assume your networks are secure. Local networks, traditionally considered a “trusted haven” for storing data with lax levels of internal isolations, are now proving to be dangerous places – with local threats lurking and attempting to spread laterally, attempting to steal or encrypt your data. Enforce the use of strong passwords and have users update them regularly, even for their own laptops.