10 Best Practices to Secure your Enterprise Data Storage

To facilitate collaboration and instant access to shared files for a global workforce, organizations are increasingly adopting storage solutions from AWS S3, OneDrive, Microsoft Azure, Dell EMC Isilon and other on-premises and cloud providers.

This has increased the attack surface for cybercriminals to steal valuable information for espionage or to hold it for ransom (there has been a 62% increase in ransomware globally in the past 2 years). Organizations need to address the risks associated with storage security, such as advanced malware attacks, zero-day threats, and sensitive data loss.

How an organization can protect valuable information

1. Scan for malware before storing – All files should be scanned for malware before they are allowed inside your network or cloud storage and stored. To achieve the highest detection rates and the shortest window of exposure to malware outbreaks, scan files with multiple anti-malware engines (using a combination of signatures, heuristics, and machine learning detection methods) with a multiscanning solution.

2. Scan in real time for new and modified files – Users uploading files could have been hacked or might be using a system that is already compromised. Often, attackers maintain persistence on machines with the intent of using them to return to the network later.

To ensure newly uploaded or saved files do not introduce a threat inside your secure storage, process every new file as soon as it is uploaded by enabling real-time processing.
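One way to decide which files count as new or modified, shown as an added example (not OPSWAT code): compare each file's SHA-256 against a manifest recorded at the last clean scan. The function names and the manifest format are assumptions, and the scan itself is left to whatever engine you use.

```python
import hashlib
import os
import tempfile


def sha256_of(path, chunk=1 << 20):
    """Hash file contents in chunks so large files are never loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def files_needing_scan(root, manifest):
    """Return (to_scan, current_manifest).

    manifest maps relative path -> SHA-256 recorded at the last clean scan.
    A file is queued when it is new or its content hash changed; timestamps
    are ignored because whoever wrote the file can reset them.
    """
    to_scan, current = [], {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            current[rel] = sha256_of(full)
            if manifest.get(rel) != current[rel]:
                to_scan.append(rel)
    return sorted(to_scan), current


def demo():
    """Constructed sample: one unchanged, one modified and one new file."""
    with tempfile.TemporaryDirectory() as root:
        for name, data in (("a.docx", b"one"), ("b.pdf", b"two")):
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        _, manifest = files_needing_scan(root, {})  # baseline after a clean scan
        with open(os.path.join(root, "b.pdf"), "wb") as f:
            f.write(b"two, edited")
        with open(os.path.join(root, "c.png"), "wb") as f:
            f.write(b"three")
        return files_needing_scan(root, manifest)[0]


if __name__ == "__main__":
    print(demo())
```

Persist the returned manifest only after the queued files have passed scanning, so a file that fails is queued again on the next pass.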

3. Remove possible embedded threats – Files such as Microsoft Office, PDF and image files can have embedded threats in hidden scripts and macros that are not always detected by anti-malware engines. To remove risk and make sure that files contain no hidden threats, it is a best practice to remove any possible embedded objects by using a methodology called content disarm and reconstruction (CDR).

4. Run periodic scans on your entire storage by scheduling automated processes – Research shows that in 2020 it took on average 6 months for organizations to detect a data breach.

The SunBurst attack on SolarWinds and its customers started in March 2020 and was only detected in December 2020. Hackers do not make their presence known right away. Once they find a loophole to bypass your security perimeter, they try to infiltrate further and gain more privileged access to collect more data and information.

Malicious code is often introduced via legitimate scripts (for example in Office Documents or productivity files) that later connect to Command & Control servers to download malware.

Malware that employs timing-based evasive tactics bypasses even the most sophisticated sandboxes.

By periodically processing your entire storage, you can catch any latent outbreaks early and limit damage.

5. Mask sensitive and proprietary data before storing – All sensitive data like social security numbers, bank account details, or personally identifiable information (PII) should be redacted, masked, or blocked using data loss prevention technology.
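The masking step above, as an added example (not OPSWAT code): it masks US social security numbers and, going slightly beyond the text, treats "bank account details" as IBANs validated with the ISO 13616 mod-97 check so that look-alike strings are not masked. The function names and the sample record are constructed for illustration.

```python
import re

# US SSN AAA-GG-SSSS; area 000/666/9xx, group 00 and serial 0000 are never issued.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
# IBAN candidate: country code, two check digits, 11-30 alphanumerics.
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b")

# Constructed sample record; none of these values belong to a real person.
SAMPLE = ("SSN 123-45-6789, IBAN GB82WEST12345698765432, "
          "ref GB82WEST12345698765431, id 000-12-3456")


def iban_is_valid(iban):
    """ISO 13616 check: move the first 4 chars to the end, A=10..Z=35, mod 97 == 1."""
    rearranged = iban[4:] + iban[:4]
    return int("".join(str(int(ch, 36)) for ch in rearranged)) % 97 == 1


def mask_keep_last(value, keep=4):
    """Replace every letter/digit except the last `keep` with X; keep separators."""
    remaining = sum(ch.isalnum() for ch in value) - keep
    out = []
    for ch in value:
        if ch.isalnum() and remaining > 0:
            out.append("X")
            remaining -= 1
        else:
            out.append(ch)
    return "".join(out)


def redact(text):
    """Return (masked_text, findings); candidates that fail validation are left alone."""
    findings = []

    def mask_ssn(match):
        findings.append("ssn")
        return mask_keep_last(match.group())

    def mask_iban(match):
        if not iban_is_valid(match.group()):
            return match.group()  # looks like an IBAN but fails the checksum
        findings.append("iban")
        return mask_keep_last(match.group())

    text = SSN_RE.sub(mask_ssn, text)
    return IBAN_RE.sub(mask_iban, text), findings
```

The findings list can drive the redact, mask, or block decision: a non-empty list is the signal to store only the masked copy or to reject the upload.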

6. Instant scan for suspected infections – If you suspect your storage might have been compromised, kick off instant processing right away. If there was a breach, the sooner you respond, the lower your exposure and the smaller the potential fallout.

7. Process files before and after moving – When transferring data from less secure to more secure storage, or from on-premises storage to cloud storage: scan, sanitize, encrypt, and move.

8. Check for vulnerabilities in files – Make sure that you check for vulnerabilities in software and firmware files before they are stored. This is important for protecting not only your storage but your end clients who could potentially download and use a file that is exploitable because of unaddressed software vulnerabilities.

9. Encrypt original files – Encrypt original files stored as backup. Use sanitized versions of the data wherever possible for general workflows.

10. Access control – Limit user access to storage units or buckets. Enforce workflow rules so sensitive data is only accessible on a need-to-know basis.

Authenticate all users before they are allowed access to your storage.

Secure Storage Solution from OPSWAT

OPSWAT MetaDefender for Secure Storage provides an integrated, comprehensive approach to secure enterprise data like documents, videos and images, across multiple storage providers and helps you prevent data breaches, downtime, and compliance violations in your cloud and on-premises storage and collaboration solutions.

We provide native API integrations to enable you to set up, monitor and protect all your enterprise storage in one comprehensive view.

Want to find out more about how to secure your enterprise data storage? For more information, please contact one of our critical infrastructure cybersecurity experts.
