HOW POOR ENCRYPTION PRACTICES ARE AFFECTING TODAY’S BUSINESSES

Businesses are overlooking proper encryption practices. Most have mastered the encryption of data in transit but fail to secure data at rest – failing to give encryption its full value.

Breakdowns in identity strategy and soft data management practices can leave information at risk. Encryption is nothing if an organisation doesn’t have the proper security platform in place with the key controls, identity access management etc.

When it comes to poor encryption practices, 3 critical threat areas to keep in mind are poor key management, in-memory attacks and open-source app development widgets.

Poor key management can lower the barrier to entry for cybercriminals. What happens is that many businesses store encryption keys on the same system as the data and then give the keys to multiple employees. Logically, when everyone has access to the keys, it’s the same as not being locked.

In-memory attacks amount to 20-30% of attacks every day. It’s so common because attackers execute malware by either having the victim launch it from a malicious Word or Excel document, or via the browser on an infected webpage.

These file-less threats are the primary reason why antivirus measures don’t work. They’re a difficult threat to catch because there’s no trace of them on the disk. Delivery is extremely stealthy and chances of getting caught are slim. Once a machine is rebooted, the attack is gone.

Businesses can defend against in-memory attacks by disabling macros on any endpoint or computer that doesn’t need them.

The third threat to watch is open-source app development widgets. Those building applications are usually third-party agencies with little security experience who often skip the checkpoints and testing previously used in the past.

Developers build and test apps in development environments that are not secure, with tools that may be malicious. Attackers can target apps still in production, and even non-critical apps can be gateways to more sensitive information.

Today’s developers create applications with frameworks and widgets. They prefer open-source tools, and a lot of those components were built by threat actors looking for backdoors to steal employee information.

While developers don’t necessarily need security training, they should work with the security teams to ensure they are doing the right thing. Automation can help developers make secure decisions without always being aware of it.