Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’re looking at four ways you can minimize your attack surface. Organizational IT infrastructure is now more spread out, multi-layered, and complex than ever.

In today’s increasingly remote work environment, IT administrators face the challenge of ensuring end users can securely and seamlessly access company resources from anywhere. A critical aspect of this is managing passwords, particularly when users are away from the domain network. These remote users greatly benefit from cached credentials, or the domain username and password hash stored locally on users’ machines after a successful domain-connected login.

The healthcare sector in the United States has seen a continuous increase in both the frequency and cost of data breaches in the past decade. This is shown by a 61% rise in HIPAA violations from 2019 to 2020, resulting in penalties totaling $13 million for the sector. From 2020 to 2023, the average cost of a single healthcare data breach in the US rose nearly 30%, reaching a whopping $9.3 million.

What do Morgan Stanley, Samsung, and a New York credit union all have in common? They aren’t of the same scale, do not cater to the same customer needs, nor do they store similar data. But, if there’s one thing in common between these three organizations, it’s that they’ve all been victims of a data leak. Morgan Stanley, the banking conglomerate, suffered a data leak due to sheer negligence of handling data at rest.

We are elated to announce that ManageEngine has again been recognized as a Challenger in the 2024 Gartner Magic Quadrant for Privileged Access Management. We believe that this is a testament to the consistency with which ManageEngine delivers a holistic experience for enterprise IT. The Gartner Magic Quadrant evaluated vendors on the basis of their Ability to Execute and their Completeness of Vision.

Firewalls act as the first line of defense, filtering network traffic and blocking malicious activities to safeguard sensitive data and systems. However, setting up a firewall is just the beginning. To ensure it provides optimal protection, it’s essential to implement certain practices for ongoing management. Firewall management involves a series of critical processes to ensure that the firewall operates effectively and provides comprehensive protection against cyberthreats.

In today’s modern networking environment, administrators in many organizations face the challenge of managing authentication for employees, especially when dealing with large staff numbers. Granting access to individual tools can be tedious for both administrators and users, as employees must log in multiple times when switching between tools and remember separate credentials for each.

A firewall rule audit is an essential process for ensuring that your firewall rules are effective and aligned with your security policies. As network environments grow more complex, managing and optimizing firewall rule bases becomes increasingly challenging. Over time, firewall rules can accumulate, leading to bloated, inefficient rule sets that hamper performance, increase security risks, and complicate compliance efforts.

The way we store data has undergone a dramatic shift. From good ol’ floppy disks to today’s cloud storage solutions, advancements in storage have slashed costs and allowed organizations to hold exponentially more data. And we are all taking advantage of this. In fact, data is proliferating at a staggering 25% annually. This presents a double-edged sword. On the one hand, this vast data lake holds immense potential for valuable insights.

In cybersecurity, session sniffing—an attack method where attackers receive and use session data—is a recurring danger. The impacts of session sniffing are evident from numerous high-profile assaults. Let’s discuss some of these important cases that highlight the significance of strong security procedures.