For every manufacturing firm, sensitive data is the most valuable asset. If this critical information – in particular, intellectual property (IP) – is ever lost or stolen, manufacturers not only face significant fines and penalties but also suffer a hit to their reputations and public trust. Perhaps most importantly, they risk losing their competitive advantage, which can ultimately lead to business failure and bankruptcy.
Hackers are becoming more sophisticated and determined than ever before, as we’ve witnessed in some of the latest high-profile data breaches at major retailers and government agencies. In a recent report carried out by the global risk consulting service Kroll, physical theft or loss of IP was by far the most prevalent type of security incident experienced by the organizations interviewed. Of executives in the manufacturing sector whose company experienced a security incident in the year prior, 45 percent said their organizations fell victim to IP theft or loss.
Think like a hacker: getting one’s hands on IP – whether in the form of confidential business plans, designs or formulas – is almost always the attacker’s intent. It’s important to remember: they’re not usually after any devices – they’re after the data that contains sensitive proprietary information and intellectual property. Once they’ve successfully breached a target company’s systems and located the sensitive data, they will attempt to exfiltrate it. After the data is in their hands, there are several monetization schemes that can lead to a profit, including reselling the stolen IP to an interested third party, which in some instances could be a competing corporation or nation-state with competing global markets.
Below are ten steps that can be implemented right now to ensure manufacturing firms of all sizes are better prepared to secure their IP, internal operational information and other business-critical, sensitive data:
1. Keep operating systems and all software up to date
This is a tip you’ll hear time and time again from security professionals, but for good reason. Operating system and software updates are not only important from a functionality standpoint, they also contain critical security updates that patch vulnerabilities. Where possible, enable automatic software updates to streamline the process and ensure you (and your staff) are always up to date. Leaving machines unpatched is a major gap in a company’s security posture and should be avoided at all costs.
2. Encrypt sensitive data
Encrypting sensitive data is critical to protecting intellectual property. By using encryption, you can add another layer of protection to your sensitive data that makes it more difficult to access if it’s stolen by an attacker. Use both full-disk and file-based encryption on endpoints, and enforce encryption for emails and devices. Although encryption isn’t a foolproof method and there are ways of cracking it, it can go a long way to safeguarding your most sensitive data if it falls into the wrong hands.
3. Use data protection software
Antivirus software won’t protect against all types of threats – it only offers a baseline protection against common, well-known malware. This is simply not enough against attackers who are targeting sensitive intellectual property. They use more sophisticated methods to penetrate systems and exfiltrate sensitive data, and antivirus software can be bypassed during these attacks. Consider using data protection software that resides at the kernel level of endpoints and provides full visibility of all data being accessed and transmitted. The software should have the capability to fully lock down confidential data, both structured and unstructured, and place enforcement policies on it to completely prevent it from leaving the corporate IT environment.
4. Ensure internal staff use a unique, complex password for each of their accounts
Reusing passwords (or slightly modified passwords) across different accounts is one of the biggest concerns during a data breach. Attackers will attempt to access multiple other accounts (such as cloud storage drives, Windows login credentials, etc.) by using password credentials that they have obtained for a single, original account. If employees reuse passwords, a simple credential breach of a non-sensitive account can grant hackers access to the manufacturing company’s corporate network. From there they can pivot to privileged accounts and start accessing sensitive data stored in databases, directories and other IT assets.
5. Securely archive data in a timely fashion
Minimizing the amount of data stored by manufacturers is not only good housekeeping, but it also reduces the amount of information that is available to an attacker that has gained access to those devices. If data is no longer needed – for example, a former client’s contract or project blueprints – it should be encrypted and moved to an offline storage device for long-term archiving.
6. Regularly monitor activity across user accounts
Monitoring user behavior for anomalous or suspicious activity is one of the quickest ways to detect a breach before it can cause extreme damage. If suspicious activity is identified, all parties involved should be notified immediately. Even with other protections in place, vigilant monitoring is still often the fastest way to identify a compromise. Be on the lookout for signals such as credentials being used on multiple machines, employees accessing databases or directories they’ve never accessed before, or employees logging in at off-hours when they normally wouldn’t be conducting business.
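The three signals named above can be checked mechanically against authentication and access logs. The following is an added example, not part of the original article: the event format, host and resource names, business hours and thresholds are all assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (timestamp, user, host, resource); not real log data.
EVENTS = [
    ("2024-03-04 09:12", "alice", "ws-014", "erp-db"),
    ("2024-03-04 10:40", "alice", "ws-014", "erp-db"),
    ("2024-03-04 11:05", "bob", "ws-022", "cad-share"),
    ("2024-03-05 09:30", "bob", "ws-022", "cad-share"),
    ("2024-03-06 02:17", "bob", "ws-022", "cad-share"),      # off-hours login
    ("2024-03-06 10:01", "alice", "ws-014", "formulas-db"),  # never accessed before
    ("2024-03-06 10:20", "alice", "ws-031", "erp-db"),       # second machine
    ("2024-03-06 10:35", "alice", "eng-007", "erp-db"),      # third machine
]

BASELINE_END = datetime(2024, 3, 6)  # earlier events only build the per-user baseline
BUSINESS_HOURS = range(7, 19)        # assumed working hours, 07:00-18:59 local time
HOST_WINDOW = timedelta(hours=1)     # assumed window for counting distinct machines
MAX_HOSTS = 2                        # assumed threshold: alert when exceeded

def detect(events):
    """Return (signal, user, detail) alerts for events after the baseline period."""
    parsed = sorted((datetime.strptime(t, "%Y-%m-%d %H:%M"), u, h, r)
                    for t, u, h, r in events)
    seen = defaultdict(set)     # user -> resources this user has accessed so far
    recent = defaultdict(list)  # user -> [(time, host)] inside HOST_WINDOW
    alerts = []
    for ts, user, host, res in parsed:
        live = ts >= BASELINE_END
        # Signal: login outside normal business hours.
        if live and ts.hour not in BUSINESS_HOURS:
            alerts.append(("off_hours", user, ts.strftime("%H:%M")))
        # Signal: database or directory the user has never accessed before.
        if live and res not in seen[user]:
            alerts.append(("new_resource", user, res))
        seen[user].add(res)
        # Signal: the same credentials used on multiple machines in a short window.
        recent[user] = [(t, h) for t, h in recent[user] if ts - t <= HOST_WINDOW]
        recent[user].append((ts, host))
        hosts = {h for _, h in recent[user]}
        if live and len(hosts) > MAX_HOSTS:
            alerts.append(("multi_host", user, ",".join(sorted(hosts))))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

A user with no baseline history will trigger `new_resource` on every first access, so new accounts need a learning period before these alerts are acted on.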
7. Change all passwords following news of a possible data breach
Unfortunately, data breaches at well-known franchises seem to regularly make news headlines. If your manufacturing firm is using a service that has been breached, such as a free online cloud storage service, the most important first step is to change all associated passwords. By doing so, you ensure that your old credentials are useless, even if stolen.
8. Manage privacy settings for mobile applications and online accounts
While it may seem like a daunting task in today’s day and age, keeping up with the privacy settings for different accounts and applications is critical, especially with the popularity of BYOD in the workplace. By doing so, you ensure that companies (or individuals) do not have access to private, sensitive information about yourself or the business’s IP.
9. Put device controls in place for removable media
Although the majority of IT security focuses on protecting against external attackers, it’s important not to forget about malicious insiders. Ensure you have controls in place for removable media to prevent any employees from accessing and siphoning sensitive intellectual property from inside your network. Ideally, use software that automates the process with policy-based usage controls for removable media devices, including alerts, prompts, or blocks when risky behavior is attempted; this will be very effective at mitigating the insider threat.
10. Learn to recognize and avoid phishing attacks
Social engineering tactics, particularly phishing attacks, are an incredibly popular tactic for cyber criminals. It’s often faster and easier for an attacker to trick another person into taking a desired action rather than conducting complex, manual hacking attacks themselves. Phishing attacks typically have telltale signs such as unfamiliar senders, strange domain names, spoofed web pages or emails, and messages with links or attachments that weren’t requested. Train yourself and your employees to better identify phishing attacks, and avoid messages that appear suspect.
In today’s highly competitive global economy, IP is key to a manufacturer’s success. To excel in the industry, data protection – even if it’s as simple as good password hygiene and patch management – must be implemented across all internal departments and third-party contractors, who also handle the IP. This is your business’s crown jewel, so protecting it should be prioritized across the entire organization.