7 Things to Consider When Securing Real Estate Data

If you like this presentation – show it...

Slide 0


Slide 1

59% The percentage of employees who steal proprietary corporate data when they quit or are fired

Slide 2

In today’s world, the risks associated with inadequate data security is a business critical concern.

Slide 3

Data leaks pose major security concerns and can have devastating implications.

Slide 4

Based on our extensive experience in the Real Estate industry we have compiled a list of 7 things you should be thinking of to ensure your data security.

Slide 5


Slide 6

Physical breaches can take on various forms such as unauthorised individuals gaining access to the physical sever itself; individuals connecting their own devices into the office network; or individuals using an unattended employee workstation to access the company network.

Slide 7


Slide 8

Understand how your database server reside within the network topology. Is it directly accessible publically; is it isolated from external facing application servers; are communications to/from itself using SSL for data exchange and is a firewall being used to restrict communications.

Slide 9

In 2014 data breaches increased by over 27.5% from 2013

Slide 10


Slide 11

Know your server configuration. Is the SQL instance discoverable on the network; are the SQL services using a non-standard port; are unnecessary services disabled; is the SQL administrator account (sa) disabled and which authentication methods are used, Windows, SQL or both.

Slide 12


Slide 13

Weak passwords can severely compromise your data. Ensure password complexity is configured; be sure to enforce the use of password complexity and within applications, encrypt passwords instead of storing them in plain text.

Slide 14

75% of people use the same password for multiple accounts

Slide 15


Slide 16

SQL injection attacks can bring systems to their knees. Ensure absolute minimum privileges are granted to application accounts; restrict inter-application access when sharing a database server; encrypt sensitive data and where possible, parameterize application input values.

Slide 17


Slide 18

Database backup security is often overlooked, but vital. Ensure local/remote backup locations are adequately secured; use encryption when performing backups and be sure to restrict access to certificates/keys used by encryption processes.

Slide 19


Slide 20

Known vulnerabilities, if left unresolved can be exploited. Stay current, ensuring critical operating system updates are applied regularly; ensure database server software is regularly updated independently and where feasible enable automatic updates.

Slide 21

Securing your data requires one to think beyond just the immediate scope of the database server in order to ensure data security continuity.

Slide 22

The management of data security is a process requiring continual review. After all, can you afford not to ensure the safety of your data?

Slide 23

WE DELIVER CUSTOM SOFTWARE SOLUTIONS AND SERVICES TO OWNERS AND OPERATORS OF REAL ESTATE Click here to discuss your requirements in more details WWW.OPENBOXSOFTWARE.COM By Craig Rynhoud Reference Cherry, Denny. (2012) Securing SQL Server: Protecting your Database from Attackers, 2nd edition

Slide 24