If you like this presentation – show it...
7 THINGS TO CONSIDER WHEN SECURING YOUR REAL ESTATE DATA
59% The percentage of employees who steal proprietary corporate data when they quit or are fired
In today’s world, the risks associated with inadequate data security is a business critical concern.
Data leaks pose major security concerns and can have devastating implications.
Based on our extensive experience in the Real Estate industry we have compiled a list of 7 things you should be thinking of to ensure your data security.
#1 PHYSICAL SECURITY
Physical breaches can take on various forms such as unauthorised individuals gaining access to the physical sever itself; individuals connecting their own devices into the office network; or individuals using an unattended employee workstation to access the company network.
#2 NETWORK SECURITY
Understand how your database server reside within the network topology. Is it directly accessible publically; is it isolated from external facing application servers; are communications to/from itself using SSL for data exchange and is a firewall being used to restrict communications.
In 2014 data breaches increased by over 27.5% from 2013
#3 SERVER CONFIGURATION
Know your server configuration. Is the SQL instance discoverable on the network; are the SQL services using a non-standard port; are unnecessary services disabled; is the SQL administrator account (sa) disabled and which authentication methods are used, Windows, SQL or both.
Weak passwords can severely compromise your data. Ensure password complexity is configured; be sure to enforce the use of password complexity and within applications, encrypt passwords instead of storing them in plain text.
75% of people use the same password for multiple accounts
#5 SQL INJECTION
SQL injection attacks can bring systems to their knees. Ensure absolute minimum privileges are granted to application accounts; restrict inter-application access when sharing a database server; encrypt sensitive data and where possible, parameterize application input values.
#6 DATABASE BACKUPS
Database backup security is often overlooked, but vital. Ensure local/remote backup locations are adequately secured; use encryption when performing backups and be sure to restrict access to certificates/keys used by encryption processes.
Known vulnerabilities, if left unresolved can be exploited. Stay current, ensuring critical operating system updates are applied regularly; ensure database server software is regularly updated independently and where feasible enable automatic updates.
Securing your data requires one to think beyond just the immediate scope of the database server in order to ensure data security continuity.
The management of data security is a process requiring continual review. After all, can you afford not to ensure the safety of your data?
WE DELIVER CUSTOM SOFTWARE SOLUTIONS AND SERVICES TO OWNERS AND OPERATORS OF REAL ESTATE Click here to discuss your requirements in more details WWW.OPENBOXSOFTWARE.COM By Craig Rynhoud Reference Cherry, Denny. (2012) Securing SQL Server: Protecting your Database from Attackers, 2nd edition