My name is KAM. I live and breathe cyber security and consider myself an expert’s expert. I recently analyzed more than two years of data from breaches where money was stolen and I helped the organization respond. In the field, I would call this “performing a postmortem of incidents leading to monetary exfiltration.”
It may sound complex, but what I found was very simple…
Excluding insider threats such as embezzlement by an employee or a trusted vendor, implementing* just two policies had a high likelihood of preventing the theft altogether:
[*] Implementing a policy is an important item to discuss because it means the policy is documented, handed out, and trained to the appropriate people in your organization. You shouldn’t just write a policy down and expect it to be followed.
Policy #1: Ban the purchase or reimbursement of Gift Cards unless approved in person by the requestor.
Why? You can train every day about scams and tell users that the Sheriff’s office isn’t going to arrest you unless you pay your parking tickets using WalMart gift cards – but sometimes if you just tell them the company will NOT authorize or reimburse them for their purchase, it makes them take notice.
Policy #2: Verify ACH or Direct Deposit changes by using a Secure Form for the request AND calling the vendor/employee.
Why? By verifying changes for your Vendors and Employees by calling them, you are doing something we call “using out-of-band communications.” By doing so, you thwart bad actors who only control one form of communication, such as email. In addition, your organization can enhance your solution with technologies like Google Forms, where you can limit responses to just your domain so you won’t easily fall victim to impersonations from bad actors.
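To show how the two checks in Policy #2 fit together, here is an added example of an approval gate for ACH/direct-deposit change requests. It is illustration code written for this page, not something from the column or from Dito: the allowed domain, the vendor record, the field names and the sample requests are all constructed. The rule it enforces is that a change is approved only if the request arrived through the domain-restricted form and the confirming call was placed to the phone number already on file, never to a number that arrived with the request.

```python
"""
Added example (not part of the original column): a minimal two-channel
approval gate for bank-detail change requests.

Assumptions (constructed for illustration):
  * ALLOWED_FORM_DOMAINS is the organization's own domain, mirroring a form
    that only accepts responses from signed-in accounts in that domain.
  * VendorRecord.contact_phone_on_file was captured during onboarding and is
    the only number the out-of-band call may go to.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

ALLOWED_FORM_DOMAINS = {"example.com"}  # assumption: the org's own domain


@dataclass
class VendorRecord:
    vendor_id: str
    contact_phone_on_file: str  # known-good number from onboarding records


@dataclass
class ChangeRequest:
    vendor_id: str
    submitter_email: str          # account the form recorded as submitter
    via_secure_form: bool         # True only if it came through the restricted form
    new_account_last4: str
    callback_number_used: Optional[str] = None  # number the verifier actually dialed
    callback_confirmed: bool = False            # verifier confirmed the change by voice


def evaluate(req: ChangeRequest, vendor: VendorRecord) -> Tuple[bool, List[str]]:
    """Return (approved, reasons). Every failed check is reported, not just the first."""
    reasons: List[str] = []

    if req.vendor_id != vendor.vendor_id:
        reasons.append("request references a different vendor than the record supplied")

    # Channel 1: the request itself must come through the secure, domain-restricted form.
    if not req.via_secure_form:
        reasons.append("request did not arrive through the secure form")
    domain = req.submitter_email.strip().rsplit("@", 1)[-1].lower()
    if domain not in ALLOWED_FORM_DOMAINS:
        reasons.append(f"submitter domain {domain!r} is not an allowed domain")

    # Channel 2: the out-of-band call must be confirmed AND placed to the number on file.
    # Dialing a number supplied with the request would hand the second channel to
    # whoever wrote the request, which defeats the purpose of the call.
    if not req.callback_confirmed:
        reasons.append("no out-of-band callback confirmation recorded")
    elif req.callback_number_used != vendor.contact_phone_on_file:
        reasons.append("callback was not placed to the number on file")

    return (len(reasons) == 0, reasons)


# Constructed sample data for a walk-through.
VENDOR = VendorRecord(vendor_id="V-100", contact_phone_on_file="+1-555-0100")

LEGITIMATE = ChangeRequest(
    vendor_id="V-100", submitter_email="ap.clerk@example.com", via_secure_form=True,
    new_account_last4="4321", callback_number_used="+1-555-0100", callback_confirmed=True,
)

# Same request, but the verifier called a "new" number that came with the request.
WRONG_NUMBER = ChangeRequest(
    vendor_id="V-100", submitter_email="ap.clerk@example.com", via_secure_form=True,
    new_account_last4="4321", callback_number_used="+1-555-0199", callback_confirmed=True,
)

# Emailed request from outside the domain, never entered in the form, no call made.
EMAIL_ONLY = ChangeRequest(
    vendor_id="V-100", submitter_email="billing@lookalike-vendor.example", via_secure_form=False,
    new_account_last4="9999",
)


def sample_decisions() -> dict:
    """Evaluate the three constructed requests; used for the walk-through below."""
    return {
        "legitimate": evaluate(LEGITIMATE, VENDOR),
        "wrong_number": evaluate(WRONG_NUMBER, VENDOR),
        "email_only": evaluate(EMAIL_ONLY, VENDOR),
    }


if __name__ == "__main__":
    for name, (approved, reasons) in sample_decisions().items():
        print(f"{name}: {'APPROVED' if approved else 'REJECTED'} {reasons}")
```

The point of reporting every failed check rather than stopping at the first is that the rejection record then shows which channel was missing, which is exactly what you want in the postmortem if a request that should have been blocked slips through.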
Of course, the single best policy in your cyber defense is Multi-Factor Authentication, or MFA, but you’ve probably heard of that before.
Without exaggeration, using MFA will resolve more than 99.9% of the risks from credentials getting compromised. In my next column, I will discuss some of the differences between MFA methods. In the meantime, why not consider implementing these two policies at your organization?
Have a technology question you’d like answered? Email AskKAM@DitoWeb.com. KAM is a Cloud Fellow at Dito where he helps companies manage, migrate, and secure their cloud. Dito is proud to have been awarded Google Security Partner of the Year in June 2022.