3 steps to a better protected IT system

  1. Establish strong privilege-management policy. In order mitigate malicious and risky activities, make sure that all changes to privileged accounts are authorized and all activities are within the scope of established policies. Regular auditing with daily summary reports and timely notifications with email alerts about all changes help in dealing with this matter. As for advanced solutions, consider video-recording privileged accounts’ activity.
  2. Restrict access to records and files. Access to systems containing protected information should be granted only to those who need it to perform their duties. Block users’ access to information if a user no longer requires it, lock user accounts after multiple unsuccessful access attempts, and monitor shared resources for availability of sensitive data.
  3. Monitor user accounts. Monitoring user accounts is one of best ways to avoid insider misuse or to detect access to personal identifiable information (PII), as well as spotting malicious changes at an early stage, says the company. Auditing user activity and account states, including creations, modifications and deletions across all IT systems, helps to avoid potentially critical changes to systems and data that may lead to security incidents. In addition, disabling accounts of former employees or students as soon as they leave the organization is a recommended best practice that helps to maintain security.

“Education is a heavily regulated industry, and a per-capita data breach cost is quite high,” said Michael Fimin, CEO and co-founder of Netwrix. “Like other organizations, academic institutions face financial and reputation losses and have to pay huge fines for non-compliance after security incidents. Sensitive data has always been the favorite treat for thieves, so there is always a risk of personal and internal data leak. Always take it one step further, and make sure that changes made across the entire IT infrastructure don’t put the data at risk.”

Material from a press release was used in this report.

eSchool Media Contributors
Latest posts by eSchool Media Contributors (see all)