Fumana iDemo
Ngema

Ngaba uye Wazibhenca Mvanje?

by Sep 14, 2023BI/Analytics0 izimvo

 

Sithetha ngokhuseleko efini

Ukutyhila ngaphezulu

Masiyibeke ngolu hlobo, ingaba uzikhathaza ngantoni ngokuveza? Zeziphi ezona asethi zakho zexabiso? Inombolo yakho yoKhuseleko lweNtlalo? Ulwazi lweakhawunti yakho yebhanki? Amaxwebhu abucala, okanye iifoto? Ibinzana lakho lembewu ye-crypto? Ukuba ulawula inkampani, okanye unoxanduva lokugcinwa ngokukhuselekileyo kwedatha, unokuba nexhala malunga nohlobo olufanayo lolwazi olufakwa esichengeni, kodwa kwi-ab.roader isikali. Uphathiswe abathengi bakho ngokhuseleko lwedatha yabo.

Njengabathengi, sithatha ukhuseleko lwedatha yethu lula. Ngokufuthi ngakumbi kwezi ntsuku ukuba idatha igcinwa efini. Inani labathengisi banikezela ngeenkonzo ezivumela abathengi ukuba bagcine idatha kwiikhompyuter zabo zasekhaya ukuya kwilifu. Yicinge njenge-hard drive enenyani esibhakabhakeni. Oku kubhengezwa njengendlela ekhuselekileyo nefanelekileyo yokukhusela idatha yakho. Elula, ewe. Unokufumana kwakhona ifayile oyicime ngempazamo. Uyakwazi ukubuyisela yonke i-hard drive egama layo lonakalisiwe.

Kodwa ngaba ikhuselekile? Unikwe isitshixo kunye nesitshixo. Isitshixo, ngokwesiqhelo, igama lomsebenzisi kunye negama lokugqitha. Ifihliwe kwaye yaziwa nguwe kuphela. Yiyo loo nto iingcali zokhuseleko zicebisa ukuba ugcine igama eliyimfihlo likhuselekile. Ukuba umntu ufumana ukufikelela kwiphasiwedi yakho, banesitshixo esibonakalayo sendlu yakho yenyani.

Uyayazi yonke le nto. Igama lakho eliyimfihlo kwinkonzo yelifu eligcinayo linoonobumba abali-16 ubude, linoonobumba abakhulu nabancinane, amanani kunye nesibini esikhethekileyo soonobumba. Uyitshintsha rhoqo kwiinyanga ezintandathu kuba uyazi ukuba oko kwenza kube nzima kwi-hacker. Yahlukile kwezinye iipassword zakho – awusebenzisi igama eliyimfihlo kwiisayithi ezininzi. Yintoni enokonakala?

Ezinye iinkampani zibonelela ngento abayibize njenge "Lifu loBuntu." Western Digital yenye yezo nkampani ezibonelela ngendlela elula yokugcina idatha yakho kwindawo yakho yobuqu efini. Lugcino lwenethwekhi olufumaneka kwi-intanethi. Iplaga kwirutha yakho ye-Wi-Fi ukuze ukwazi ukufikelela kuyo naphi na ngaphakathi kwinethiwekhi yakho. Ngokufanelekileyo, kuba iqhagamshelwe kwi-intanethi, unokufikelela kwidatha yakho yobuqu naphi na kwi-intanethi. Ngokulula kuza nomngcipheko.

Isikhundla Sokulalanisa

Ekuqaleni kwalo nyaka, abaduni baqhekeza eNtshona Digitaliinkqubo kwaye zikwazile ukukhuphela malunga ne-10 Tb yedatha. Abathumeli abamnyama emva koko babambe idatha yentlawulelo kwaye bazama ukuthethathethana malunga ne-US $ 10,000,000 yokubuyisela ngokukhuselekileyo idatha. Idatha ifana neoli. Okanye mhlawumbi igolide sisifaniso esingcono. Omnye waba hacker wathetha ngemeko yokungachazwa kwamagama. Hayi! TechCrunch udlan’ indlebe naye ngethuba ekwinkqubo yolu shishino. Yintoni enomdla kukuba idatha eyaye yaphazamiseka yayiquka iNtshona Digital's isatifikethi sokusayina ikhowudi. Oku kukulingana kobuchwepheshe kunye ne-retina scan. Isatifikethi sijonge ukuchonga umnini okanye umthwali ngokuqinisekileyo. Ngolu vavanyo lwe-retina lwenyani, akukho gama liyimfihlo lifunekayo ukufikelela kwidatha "ekhuselweyo". Ngamanye amazwi, ngesi satifikethi lo somashishini umnqwazi omnyama unokuhamba kanye kumnyango wangaphambili we digital ibhotwe.

sentshona Digital akavumanga ukuphawula xa ephendula amabango e-hacker athi basekwinethiwekhi yeWD. I-hacker engachazwanga ibonise ukuphoxeka ukuba abameli baseNtshona Digital ebengaziphenduli iicalls zakhe. Ngokusemthethweni, kwi-a upapasho ndaba zekhampani, eNtshona Digital ibhengeze ukuba, "Ngokusekwe kuphando ukuza kuthi ga ngoku, iNkampani ikholelwa ukuba iqela elingagunyaziswanga lifumene idatha ethile kwiinkqubo zayo kwaye lisebenzela ukuqonda ubunjani kunye nobungakanani baloo datha." Ngoko, eNtshona Digital ngumama, kodwa i-hacker iyathetha. Ngokuphathelele indlela abayenze ngayo, i-hacker ichaza indlela abaye baxhaphaza ngayo ubuthathaka obaziwayo kwaye bakwazi ukufikelela kwidatha efini njengomlawuli wehlabathi.

Umlawuli wehlabathi, ngokwendalo yendima, unokufikelela kuyo yonke into. Akayidingi password yakho. Unesitshixo esiyintloko.

sentshona Digital Asinguye Wedwa

A survey kulo nyaka uphelileyo kwafumaniseka ukuba ama-83% eenkampani ekwenziwa uphando kuzo ngaphezu kweyodwa ukophulwa kwedatha, i-45% yazo isekelwe kwilifu. I avareji iindleko zokophulwa kwedatha eUnited States yayiyi-US $ 9.44 yezigidi. Iindleko zahlulwa zibe ziindidi ezine zeendleko - ishishini elilahlekileyo, ukufumanisa kunye nokunyuka, isaziso kunye nempendulo yokuphulwa kweposi. (Andiqinisekanga ukuba loluphi udidi lwentlawulelo yedatha. Akucaci ukuba ngaba nabani na kwabaphenduli baye bahlawula iimfuno zentlawulelo.) Ixesha eliqhelekileyo elithatha umbutho ukuchonga nokuphendula ukuphulwa kwedatha malunga neenyanga ezili-9. Akumangalisi ke ukuba kwiinyanga ezininzi emva kweNtshona Digital baqale bavuma ukophulwa kwedatha, basaphanda.

Kunzima ukuthetha ngokuthe ngqo ukuba zingaphi iinkampani eziye zaphulwa kwedatha. Ndiyazi enye inkampani enkulu yabucala eyahlaselwa yi-ransomware. Abaninizo bala ukuthethathethana kwaye abazange bahlawule. Oko kuthetha ukuba, endaweni yoko, ii-imeyile ezilahlekileyo kunye neefayile zedatha. Bakhetha ukuphinda bakhe yonke into ukusuka kwii-backups ezingosulelwanga kunye nokufaka isoftware kwakhona. Kwakukho ixesha eliphantsi kunye nokulahleka kwemveliso. Lo msitho awuzange ube kumajelo eendaba. Loo nkampani yaba nethamsanqa kuba 66% kwiinkampani ezincinci ukuya kweziphakathi ezihlaselwa yi-ransomware ziphela ziphuma kwishishini phakathi kweenyanga ezi-6.

Ukuba ukhe wenza ishishini, okanye wasebenzisa iinkonzo ze-Capital One, i-Marriott, i-Equifax, i-Target okanye i-Uber, kusenokwenzeka ukuba igama lakho eliyimfihlo libekwe emngciphekweni. Nganye kwezi nkampani zinkulu iye yafumana ukophulwa kwedatha.

 

  • I-Capital One: I-hacker ifumene ukufikelela kubathengi abazizigidi ezili-100 kunye nabafaki-zicelo ngokuxhaphaza ubuthathaka kwisiseko selifu senkampani.
  • UMarriott: Ulwaphulo lwedatha luveze ulwazi kubathengi abazizigidi ezingama-500 (oku kwaphulwa akuzange kubonwe iminyaka emi-4).
  • I-Equifax: Iinkcukacha zobuqu efini kubathengi abazizigidi ezili-147 zavezwa.
  • Ithagethi: Abaphuli-mthetho be-Cybernakele bafikelele kwi-40 yezigidi zeenombolo zekhadi letyala.
  • U-Uber: Abaduni baye babeka esichengeni ilaptop yomphuhlisi kwaye bafumana ukufikelela kubasebenzisi abazizigidi ezingama-57 kunye nabaqhubi abangama-600,000.
  • LastPass[1]: Abaduni beba i-33 yezigidi zedatha ye-vault yabathengi kwindawo yokugcina ilifu kule nkampani yomphathi wephasiwedi. Umhlaseli ufumene ukufikelela kwisitoreji selifu se-Lastpass esebenzisa "isitshixo sokufikelela kwisitoreji selifu kunye nezitshixo ze-decryption ze-container ezimbini" ezibiwe kwindawo yomphuhlisi.

Ungajonga ukuze ubone ukuba uye wavezwa kukophulwa kwedatha kule webhusayithi: ndibethwe? Chwetheza idilesi yakho ye-imeyile kwaye iya kukubonisa ukuba zingaphi ukophulwa kwedatha idilesi ye-imeyile efunyenwe kuyo. Ngokomzekelo, ndichwetheze kwenye yeedilesi zam ze-imeyile kwaye ndafumanisa ukuba ibe yinxalenye ye-25 yokwaphulwa kwedatha eyahlukeneyo, kuquka i-Evite. , iDropbox, i-Adobe, i-LinkedIn kunye ne-Twitter.

Ukugxotha abaxhasi abangafunwayo

Akunakuze kubekho ukuvunywa koluntu nguNtshona Digital ngayo kanye into eyenzekayo. Isiganeko sibonisa izinto ezimbini: idatha efini ikhuselekile kuphela njengabagcini bayo kwaye abagcini bezitshixo kufuneka balumke ngokukhethekileyo. Ukuchaza umgaqo kaPeter Parker, kunye nokufikelela kweengcambu kuza noxanduva olukhulu.

Ukuchaneka ngakumbi, umsebenzisi oyingcambu kunye nomlawuli wehlabathi abafani ncam. Zombini zinamandla amakhulu kodwa kufuneka zibe ziiakhawunti ezahlukeneyo. Umsebenzisi weengcambu ungumnikazi kwaye unokufikelela kwi-akhawunti yefu yenkampani kwinqanaba elisezantsi. Ngaloo ndlela, le akhawunti inokucima yonke idatha, ii-VMs, ulwazi lomthengi - yonke into egcinwe yishishini efini. Kwi-AWS, kukho kuphela Imisebenzi emi-10, kuquka ukuseta kunye nokuvala i-akhawunti yakho ye-AWS, efuna ngokwenene ufikelelo lweengcambu.

Iiakhawunti zomlawuli kufuneka zenziwe ukwenza imisebenzi yolawulo (duh). Kukho iiakhawunti ezininzi zoMlawuli ezihlala zisekwe emntwini, ngokungafaniyo neakhawunti enye yeengcambu. Ngenxa yokuba iiakhawunti zoMlawuli zibotshelelwe kumntu ngamnye, unokujonga ngokulula ukuba ngubani owenze utshintsho kwimekobume.

Ilungelo elincinane loKhuseleko oluPhezulu

Uphando lokuphulwa kwedatha lufunde impembelelo yezinto ze-28 kubunzima bokuphulwa kwedatha. Ukusetyenziswa kokhuseleko lwe-AI, indlela ye-DevSecOps, ukuqeqeshwa kwabasebenzi, isazisi kunye nolawulo lokufikelela, i-MFA, uhlalutyo lokhuseleko lwaye lwaba nefuthe elihle ekunciphiseni umyinge we-dollar olahlekileyo kwisiganeko. Ngelixa, ukusilela kokuthotyelwa, ukuntsonkotha kwenkqubo yokhuseleko, ukunqongophala kwezakhono zokhuseleko, kunye nokufuduka kwamafu zizinto ezibe negalelo ekonyukeni okuphezulu kwexabiso eliphakathi lokophulwa kwedatha.

Njengoko ufudukela kwilifu, kufuneka ulumke ngakumbi kunangaphambili ekukhuseleni idatha yakho. Nazi ezinye iindlela ezongezelelweyo zokunciphisa umngcipheko wakho kwaye uqhube indawo ekhuselekileyo ukusuka ku ukhuseleko ukuma:

1. Uqinisekiso lweMuli-factor: nyanzelisa i-MFA yeengcambu kunye nazo zonke ii-akhawunti zoMlawuli. Ngcono nangakumbi, sebenzisa isixhobo seMFA sesixhobo esibonakalayo. Umntu onokuthi ahlasele i-hacker akayi kufuna kuphela igama le-akhawunti kunye negama lokugqitha, kodwa kunye ne-MFA ebonakalayo eyenza ikhowudi edibeneyo.

2. Amandla ngamanani amancinci: Ukunciphisa ukuba ngubani onokufikelela kwingcambu. Ezinye iingcaphephe zokhuseleko zicebisa ukuba bangabi ngaphezu kwe-3 abasebenzisi. Lawula ufikelelo lomsebenzisi wengcambu ngokucokisekileyo. Ukuba uphumeza ulawulo lwesazisi kunye nokuphuma ngaphandle kwenye indawo, yenze apha. Ukuba omnye kwisangqa sokuthembela ushiya umbutho, tshintsha igama eligqithisiweyo lengcambu. Buyisa isixhobo seMFA.

3. Amalungelo eakhawunti aMiselweyo: Xa ubonelela ngeeakhawunti zabasebenzisi abatsha okanye iindima, qinisekisa ukuba banikwa amalungelo awodwa amancinci ngokungagqibekanga. Qala ngomgaqo-nkqubo wofikelelo omncinci kwaye emva koko unike imvume eyongezelelweyo njengoko kufuneka. Umgaqo wokubonelela ngokhuseleko oluncinci ukuphumeza umsebenzi ngumzekelo oya kudlula imigangatho yokuthotyelwa kwe-SOC2 yokhuseleko. Ingcamango kukuba nawuphi na umsebenzisi okanye isicelo kufuneka sibe nokhuseleko oluncinci olufunekayo ukwenza umsebenzi ofunekayo. Okukhona liphezulu ilungelo elithotyelwe phantsi, kokukhona kukho umngcipheko omkhulu. Ngokuchaseneyo, okukhona lisezantsi ilungelo eliveziweyo, kokukhona usezantsi umngcipheko.

4. Amalungelo oPhicotho-zincwadi: Rhoqo uphicothe kwaye uphonononge amalungelo anikwe abasebenzisi, indima, kunye neeakhawunti ngaphakathi kwendawo yakho yelifu. Oku kuqinisekisa ukuba abantu ngabanye banemvume eyimfuneko kuphela yokwenza imisebenzi abayimiselweyo.

5. Ulawulo lwesazisi kunye namaLungelo angexesha nje: Chonga kwaye urhoxise nawaphi na amalungelo agqithisileyo okanye angasetyenziswanga ukunciphisa umngcipheko wofikelelo olungagunyaziswanga. Nikeza kuphela amalungelo okufikelela kubasebenzisi xa bewafunela umsebenzi othile okanye ixesha eliqingqiweyo. Oku kunciphisa indawo yohlaselo kwaye kunciphisa ifestile yamathuba kwizisongelo zokhuseleko ezinokubakho. https://www.cnbc.com/2022/10/20/former-hacker-kevin-mitnick-tips-to-protect-your-personal-info-online.html

6. Iinkcazi ezizinzisiweyo: Yalela i-hard-coding yoqinisekiso olungafihlwanga (igama lomsebenzisi, igama lokugqitha, izitshixo zofikelelo) kwizikripti, imisebenzi, okanye enye ikhowudi. Endaweni yoko jonga ku umphathi weemfihlo onokuzisebenzisa ukukhuphela kwakhona iziqinisekiso ngokwenkqubo.

7. Ulungelelwaniso lwe-Infrastructure-as-Code (IaC).: Namathela kwezona zenzo zokhuseleko xa ulungiselela isiseko selifu sakho usebenzisa izixhobo ze-IaC ezifana ne-AWS CloudFormation okanye iTerraform. Kuphephe ukunika ukufikelela kuluntu ngokungagqibekanga kwaye uthintele ukufikelela kwimithombo kuthungelwano oluthembekileyo kuphela, abasebenzisi, okanye iidilesi ze-IP. Sebenzisa iimvume ezivunyiweyo kunye neendlela zolawulo lofikelelo ukunyanzelisa umthetho-siseko welona lungelo lincinci.

8. Ukugawulwa kweentshukumo: Nika amandla ukugawulwa kwemithi okupheleleyo kunye nokubeka iliso kwizenzo kunye neziganeko kwindawo yakho yelifu. Thatha kwaye uhlalutye iilog zayo nayiphi na imisebenzi engaqhelekanga okanye enokuba yingozi. Ukuphumeza ulawulo oluluqilima lwelogi kunye nolwazi lokhuseleko kunye nolawulo lwesiganeko (SIEM) izisombululo zokufumanisa nokuphendula iziganeko zokhuseleko ngokukhawuleza.

9. UVavanyo oluQhelekileyo lokuba sesichengeni: Yenza uvavanyo rhoqo lokuba sesichengeni kunye novavanyo lokungena ukuchonga ubuthathaka bokhuseleko kwindawo yakho yelifu. Cima kwaye ulungise nabuphi na ubuthathaka obuchongiweyo ngokukhawuleza. Gcina umkhondo wohlaziyo lokhuseleko kunye neepatches ezikhutshwe ngumboneleli wakho welifu kwaye uqinisekise ukuba zisetyenziswa ngokukhawuleza ukukhusela kwizisongelo ezaziwayo.

10. LeMfundo kunye noQeqesho: Ukukhuthaza inkcubeko yokwazisa ngokhuseleko kunye nokubonelela ngoqeqesho rhoqo kubasebenzi malunga nokubaluleka komgaqo welona lungelo lincinci. Bafundise malunga nemingcipheko enokubakho eyayanyaniswa namalungelo agqithisileyo kunye nezona ndlela zilungileyo zokuzilandela xa ufikelela kwaye ulawula izibonelelo ngaphakathi kwimekobume yelifu.

11. Iipetshi kunye noHlaziyo: Nciphisa ubuthathaka ngokuhlaziya rhoqo yonke isoftware yeseva. Gcina isiseko sakho selifu kunye nezicelo ezinxulumeneyo zihlaziyiwe ukuze ukhusele kubuthathaka obaziwayo. Ababoneleli ngamafu bahlala bekhupha iipetshi zokhuseleko kunye nohlaziyo, ke ukuhlala ngoku kunye neengcebiso zabo kubalulekile.

ithemba

Yehla ekuthembeni - ukubonelela kuphela abo bakwintlangano yakho intembeko yokufezekisa imisebenzi ekufuneka beyenzile ukuze wenziwe umsebenzi wabo. Iingcali zokhuseleko zicebisa Ithemba leZero. Imodeli yokhuseleko yeZero Trust isekwe kwimigaqo emithathu engundoqo:

  • Qinisekisa ngokuthe ngqo - sebenzisa zonke iindawo zedatha ezifumanekayo ukuqinisekisa ukuba ngubani kunye nokufikelela komsebenzisi.
  • Sebenzisa ukufikelela okuncinci-kwangexesha kunye nokhuseleko olwaneleyo.
  • Cingela ukophulwa - fihla yonke into, sebenzisa uhlalutyo olusebenzayo kwaye ube nempendulo kaxakeka endaweni.

Njengomthengi welifu kunye neenkonzo zefu, nayo yehla ukuthembela. Kuya kufuneka uzibuze, "Ngaba ndiyamthemba umthengisi wam ukuba agcine idatha yam exabisekileyo efini?" Ukuthembela, kule meko, kuthetha ukuba uxhomekeke kuloo nkampani, okanye enye efana nayo, ukulawula ukhuseleko njengoko sichazile ngasentla. Kungenjalo, ukuba uphendula ngokungalunganga, ngaba ukulungele ukwenza uhlobo olufanayo lomsebenzi wolawulo lokhuseleko kwindawo yakho yekhaya. Ngaba uyazithemba?

Njengenkampani ebonelela ngeenkonzo kwilifu, abathengi babeke ithemba labo kuwe ukuze bakhusele idatha yabo kwisiseko sakho selifu. Yinkqubo eqhubekayo. Hlala unolwazi malunga nezisongelo ezivelayo, hlengahlengisa amanyathelo akho okhuseleko ngokufanelekileyo, kwaye usebenzisane neengcali ezinamava okanye abacebisi bokhuseleko ukuze uqinisekise ukhuseleko oluphezulu lweshishini lakho kumhlaba welifu osoloko uvela.

 

  1. https://www.bleepingcomputer.com/news/security/lastpass-hackers-stole-customer-vault-data-in-cloud-storage-breach/

 

BI/AnalyticsAkohlulwanga
Unclutter Your Insights: Isikhokelo sokuHlalutywa kweNtwasahlobo yoHlaziyo

Unclutter Your Insights: Isikhokelo sokuHlalutywa kweNtwasahlobo yoHlaziyo

Unclutter Your Insights Isikhokelo sokuHlalutywa kweNtwasahlobo yokuHlaziya Unyaka omtsha uqala nge-bang; iingxelo zokuphela konyaka ziyadalwa kwaye ziphicothwe, kwaye ke wonke umntu azinze kwishedyuli yomsebenzi engaguqukiyo. Njengoko iintsuku ziya zisiba nde nemithi neentyatyambo ziyadubula,...

Funda Okuninzi

| Ngo-Apr 10, 2024 | 0

Gcwalisa Okuninzi