The recent string of high-profile network security breaches has given businesses, IT professionals and consumers cause for concern. The latest attack that has highlighted the importance of network security was the breach of the Yahoo! Contributor Network, which exposed about 450,000 email addresses and passwords.
In response to this attack, InformationWeek has published seven best practices that will help businesses protect their customers’ sensitive data. According to InformationWeek, businesses should take the following security measures:
- Take password protection seriously. Since passwords in the Yahoo! Contributor Network were both encrypted and in clear text, the hackers were able to easily see the passwords. When it came to the attack, the encryption was useless. InformationWeek says that “any business or government agency that stores users’ passwords needs to do a better job of not just deleting password databases, but ensuring they’re actually secure.”
- Ensure that you protect all data acquired from a third party. Reports have stated that Yahoo! acquired the Contributor Network database from a third-party. InformationWeek suggests protecting all acquired systems with a web application firewall to help block SQL injection attacks.
- Require stronger passwords. Although stronger passwords wouldn’t have helped in the Yahoo! breach, as they were available in clear text, businesses can take additional precautions by requiring their users to create strong passwords. Allowing customers to use passwords such as “12345” and “password” makes it easier for hackers to gain access to their data.
To view the complete list of best practices, read Yahoo Password Breach: 7 Lessons Learned.