5 Things the Grinch Teaches us about Information Security

by Sarah Harvey / December 7th, 2016

With the holiday season always comes a rise in cyber crime and data theft. With that in mind, it’s a perfect time to remind ourselves of important information security tips to keep us safe and secure this holiday. So don’t let the Grinch ruin your holiday. Here are 5 things the Grinch can teach us about information security:

1. Beware of Social Engineering

“With this coat and this hat I look just like St. Nick!” These infamous words led the Grinch straight through Whoville, sneaking into homes, successfully impersonating someone they trusted, and stealing Christmas. This popular form of hacking, known as social engineering, can be avoided by training your employees to never give out sensitive information (e.g., username and password combinations or unauthorized access to an area) without fully identifying the other person.

2. Ensure Network Security

Don’t let the Grinch slide down your chimney unannounced. Ensure Network Security by implementing and maintaining a firewall configuration. As auditors, a common gap we see when performing audits is a poorly maintained firewall. Maintaining a secure firewall is important in order to monitor incoming and outgoing packet requests and blocking unauthorized requests. Ensure network security by having effective and fully documented policies and procedures.

3. Secure your Last Line of Defense

Train the little Cindy Lou Who’s to recognize security incidents when they happen. Regularly training your employees on security awareness and policies and procedures is a critical component of your organization’s security. You’re only as strong as your weakest link, so continually train employees on logical and physical security responsibilities to ensure your employees will know how to respond in the event of a security incident.

4. Perform Annual Risk Assessments

Don’t let the Grinch rob you blind – Protect your assets from theft and breach. The first step in safeguarding your business from theft or a data breach is by performing an annual risk assessment. Risk assessments are a way to identify assets and prioritize risks to those assets, allowing organizations to ensure the proper controls are put in place to protect those assets from vulnerabilities and threats.

5. Test your Incident Response Plan

The Whos didn’t let the Grinch ruin their holiday. They were prepared to move forward in light of a security incident. Have a plan in place that you have tested and train employees on your incident response plan policies and procedures. Your Incident Response Plan should include policies and procedures that dictate to your organization the immediate actions that are to be taken following the detection of an incident.

Stay safe over the holidays, and don’t forget these 5 important tips to ensure the Grinch doesn’t ruin your holiday.