Hundreds of thousands of words have already written trying to understand the mystery of the ‘Panama Papers’ leak from the Panama based legal firm Mossack- Fonseca.
Would you now consult with them on Tax issues or… any issue?
This represents one of the biggest hacks of sensitive information in history- 2.6 TB of information from 40 years of operations – may be a kiss of death to this veteran firm. Just imagine the law suits that are on the way…
Since no official explanation on how it happened is available we can only make a few logical assumptions while trying ensure that a breach of this nature doesn’t happen our organization:
So how can you avoid such or similar breach?
KISS – Keep It Simple Stupid – is a good approach.
Block USB or PCI connections, block unnecessary data shares, monitor admin rights & logged on users and get alerts on breaches:
|How to Do it?|
Keeps you safe from:
|1. Keep USB & PCI ports locked as a policy||a. Use endpoint agents to lock the USB and PCI ports.b. Apply GPO to lock the USB and PCI.|
c. Use Promisec Agentless technology to lock the USB’ and Monitor that DLP/NAC/Agents are actually locking the USB’s
|External storage device connection|
|2. Monitor 24×7 any breach in USB lock policy and get alerts||Use Promisec Agentless technology to monitor 24×7 that no new USB device has entered any endpoint||Missing any entrance of a USB device to your endpoints|
|3. Monitor 24×7 if your content is being used/copied by unauthorized users||a. Use DLP and other content management agents on the endpoint.b. Monitor & manage EveryOneShare credentials with Promisec’s agentless technology in PC’s and Servers to make sure only authorized users can see relevant content.|
c. Monitor &manage LastLoggedOn user to the PC or Server with Promisec’s agentless technology in PC’s and Servers to make sure only authorized users are logged on to the PC or Server. Get immediate alerts on breaches.
|Unauthorized usage of content|
Promisec Endpoint Manager (PEM) offers both malware protection and cyber threat detection capabilities. PEM’s endpoint security software monitors for threats and remediates issues before they cause problems for the enterprise. PEM also lets security professionals correct issues remotely and automatically without requiring the use of any heavy endpoint agents. PEM’s built-in reports deliver detailed information to IT teams and executives, so companies can see where they need to address security gaps. PEM’s security threat detection and remediation capabilities allows for enterprise data protection, and keeps information safe even from curious end users.