Lessons Learned From Target Data Breach

There are tons of tools and inexpensive software avaialble to help you backup your files and protect you from malware. But, like in Target's case...

by | March 13, 2014       << Back to Blog    

Join the Conversation on Facebook!

Click to enlarge

As the dust settles we now have more information explaining the Target security breach which is the biggest retail hack in U.S. history.

Here is good article from Bloomberg BusinessWeek that explains it.

After reading this article I hope you understand and agree that running antivirus and backup programs on your business computer network does not fully protect you from costly security breaches like this one.  The security of your business and computer network is only as good as the IT company that is supporting it.  There are tons of tools and inexpensive software available to help you backup your files and protect you from malware.  But, like in Target's case, the problem was not in the technology but in their lack of response when they got the alerts and red flags.  You are and should be busy selling or providing your services.  Someone else should be monitoring your computer network 24/7, making sure everything is running smoothly and taking care of alerts for you.


4 Things To Learn From The Target Security Breach

1- Have 'people' checking your logs and system alerts. Don't leave everything run automatically and blindly trust everything is working fine. Target had people doing this, but didn't check on time or at all.  Don't underestimate the value of good IT services because you don't understand the lingo and works behind the scenes. Trust your IT partner to take care of all things technology you don't understand or have time to deal with.
"For some reason, Minneapolis [Target] didn’t react to the sirens."

2- Control and restrict access to your internal network. Have a strong password policy in place and limit or prevent external vendors or customers from accessing your internal network, including WiFi.
"...says the intruders had gained access to the system by using stolen credentials from a third-party vendor."

3- Check under the carpet. Just because everything seems fine and you are doing business as usual doesn't mean your computer network hasn't been hacked.  Certain hackers, like in this case, cover their tracks using other company's computers to temporarily store the stolen data and then transmit to them if the coast is clear.  This means that your computer is a 'zombie' and used for criminal activities.
"...the malware was designed to send data automatically to three different U.S. staging points located in Ashburn, Va., Provo, Utah, and Los Angeles. From there the card information went to Moscow."
 

4- Test, Test, Test. Technology and systems can be easily automated and tested.  However, the people-processes, responses and logistics are also critical to test as well.  Testing allows you to uncover areas of improvement and possible oversights.  It's better to learn about mistakes or vulnerabilities in your system from tests rather than to discover them in a real emergency.  Security audits from third-parties are recommended and, in some industries like Healthcare, required.  A Certified HIPAA Security Professional (CHSP) or a Certified Information Systems Security Professional (CISSP) are recommended for network assessments.



About Fernando Sosa
Fernando Sosa is a technology consultant, project management professional, and software developer who helps small businesses and nonprofit organizations make the most of their information technology resources.


Comments: