Protection Against Data Breaches

About this sample

About this sample


Words: 539 |

Page: 1|

3 min read

Published: Apr 11, 2019

Words: 539|Page: 1|3 min read

Published: Apr 11, 2019

Table of contents

  1. Centralize Identity
  2. Implement Strong Authentication
  3. Reduce Attack Surface
  4. Enable Visibility and Response

Today, organizations face the challenge of protecting data in more places including the cloud, mobile, emerging platforms, and legacy applications. And the volume and velocity is also increasing. The bad news is that organizations of all verticals and sizes are being hit with data breaches. Ponemon reports the average total cost of a data breach rose from $3.62 to $3.86M, an increase of 6.4 percent. However, the same study reports companies that contained a breach in less than 30 days saved over $1 million vs. those that took more than 30 days to resolve.

'Why Violent Video Games Shouldn't Be Banned'?

While you're fortifying your defenses as the ubiquity of data increases, it's vital to realize that many of these data breaches are identity-based attacks; in fact, 81% of data breaches involve stolen/weak credentials. It's time to take proactive steps to combat data breaches.

Use this checklist for strategic and tactical tips to protect against data breaches.

Centralize Identity

Organizations today have thousands of applicationseach with an account and password. Managing so many accounts and passwords is a growing challenge. Many of your employees use the same and often weak passwords with multiple accounts. Unfortunately, hackers know this weakness and exploit it.

  • Centralize your accounts and access with a single sign-on.
  • Consider eliminating passwords where possible.
  • Enable strong, unique passwords everywhere else.

Implement Strong Authentication

Even if you have strong passwords, these passwords can still be phished and stolen. Strong authentication helps harden and fortify access to your organization's most important asset: data.

  • Implement Multi Factor Authentication (MFA).
  • Harden authentication to as many places as you can. Sometimes a hacker gets in with a stolen identity and then takes advantage of privilege access escalation.
  • Enable an MFA solution with adaptive capability. This technology can help make intelligent, contextual access decisions based on device and connection attribute. Overall, this increases usability by reducing end-user burden so they don't prompted all the time, but only when needed.

Reduce Attack Surface

Users leaving your organization can result in "zombie" accounts (forget to deprovisioned), which can create an open attack surface. Your enterprise also many have users/employees changing roles that can accidentally create excess privileges. As an example, an employee who moves from Payroll to HR may still have access to W2 information and thus, leaving that person's account open as an opportunity for attackers. Overall, you want to automate provisioning and de-provisioning for when users leave the organization or change roles.

Get a custom paper now from our expert writers.

  • Automate provisioning and deprovising when possible. When you automate the onboarding and off-boarding process, you don't have to remember to update roles/permissions or deactivate accounts.
  • Enable reporting so you can see who/what groups has access to apps or if the access is over privileged.
  • Make sure the right people have the right level of access for their role

Enable Visibility and Response

While there's always going to be security gaps, you can be proactive in tightening your security grid as much as possible.

  • Augment your visibility to see what's going on with identity data. That means knowing who was impacted by a breach, what applications/accounts were accessed) etc. For example, maybe you're getting several failed authentications from a specific IP address, which could be flagged for investigation and response.
  • Correlate identity data with other security logs/data for greater visibility
  • Enable faster response with identity e.g. revoking access to application / prompting for step-up authentication in the case of suspicious events/incidents
Image of Dr. Oliver Johnson
This essay was reviewed by
Dr. Oliver Johnson

Cite this Essay

Protection Against Data Breaches. (2019, April 10). GradesFixer. Retrieved June 17, 2024, from
“Protection Against Data Breaches.” GradesFixer, 10 Apr. 2019,
Protection Against Data Breaches. [online]. Available at: <> [Accessed 17 Jun. 2024].
Protection Against Data Breaches [Internet]. GradesFixer. 2019 Apr 10 [cited 2024 Jun 17]. Available from:
Keep in mind: This sample was shared by another student.
  • 450+ experts on 30 subjects ready to help
  • Custom essay delivered in as few as 3 hours
Write my essay

Still can’t find what you need?

Browse our vast selection of original essay samples, each expertly formatted and styled


Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.


    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts


    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.



    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!


    Get Your
    Personalized Essay in 3 Hours or Less!

    We can help you get a better grade and deliver your task on time!
    • Instructions Followed To The Letter
    • Deadlines Met At Every Stage
    • Unique And Plagiarism Free
    Order your paper now