We previously talked briefly about the digital footprint and how to manage it in our blog 4 Ways To Manage Enterprise Digital Footprint. Here we will talk in detail about how to secure enterprise digital footprints. An enterprise digital footprint is an inventory of all the digital assets on the internet (web, mobile, individual, social, etc.) related to an enterprise that were exposed to the internet intentionally or sometimes unintentionally.
Digital assets that are exposed intentionally are the attack surface you are aware of, and you can take the necessary steps to secure it. But the digital assets that your enterprise exposes to the internet unintentionally are hard to secure, because you are not officially keeping track of them. This exposes your digital attack surface to hackers and creates soft targets for them.
In 2007, AOL security researcher William Salusky and his team discovered one of the first instances of malvertising: a digital ad running on aol.com had been configured to serve up malware to unsuspecting visitors. This turned out to be the beginning of a new era in which attackers use a company’s digital footprint to distribute malware and commit fraud. It drew enterprises’ attention to monitoring and securing their digital footprints.
4 Steps To Secure Enterprise Digital Footprints (Unknown Unknowns):
1- Discover Enterprise Digital Footprints
Organizations are increasingly focused on empowering departments so that they can fulfill their business objectives. Local departments such as marketing buy a domain and launch a website or application without informing the security/IT teams. As a result, CISOs are losing visibility of what to secure and what not.
So, the first step is to discover the unknown digital assets (domains, subdomains, IPs, applications, etc.) to gain visibility of what a CISO/security team should secure. FireCompass uses a headless browser infrastructure that collects information about an enterprise by scanning through all 3+ billion IPs (the whole internet).
2- Create An Inventory Of All Your External Digital Assets
It’s useful to maintain an inventory of all the digital assets so that the security team can easily check for security updates and carry out vulnerability testing and the required patch management.
Enterprises should also track newly launched assets in the inventory, so that they can easily manage an up-to-date view of all their external digital assets.
3- Prioritise Digital Assets To Take Actions Required To Secure Digital Attack Surface
Enterprises are generating a lot of data these days. It’s estimated that 2.5 quintillion bytes of data are created each day, and as a result, there will be 40 zettabytes of data created by 2020, an increase of 300 times from 2005. With this huge inventory of digital assets in place, one can decide where to focus and prioritize actions based on criticality and business requirements.
4- Monitor Enterprise Digital Footprints Continuously
Just having an inventory of digital assets is not enough. Enterprises should monitor their digital footprints continuously for vulnerabilities and other issues, and take the required action to resolve them.
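The four steps above can be sketched as one reconciliation loop. This is an added example, not FireCompass code: the `Asset` type, the scoring weights, the function names and the sample hosts are all assumptions chosen for illustration, and the discovery results are constructed rather than taken from a real scan.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    host: str            # domain, subdomain or IP found by discovery
    services: frozenset  # exposed services reported for that host

# Assumed weights: what counts as urgent is organisation-specific.
SERVICE_WEIGHT = {"rdp": 5, "database": 5, "ssh": 3, "http": 2, "https": 1}
UNKNOWN_PENALTY = 5  # not in the inventory, so nobody is patching it

def priority(asset, sanctioned):
    """Step 3: score an asset by what it exposes and whether it is tracked."""
    score = sum(SERVICE_WEIGHT.get(s, 1) for s in asset.services)
    if asset.host not in sanctioned:
        score += UNKNOWN_PENALTY
    return score

def reconcile(discovered, sanctioned):
    """Steps 1-2: list untracked hosts; step 3: rank all hosts by priority."""
    unknown = sorted(a.host for a in discovered if a.host not in sanctioned)
    ranked = sorted(discovered, key=lambda a: (-priority(a, sanctioned), a.host))
    return unknown, [a.host for a in ranked]

def drift(previous, current):
    """Step 4: diff two discovery snapshots to see what changed in between."""
    prev = {a.host: a.services for a in previous}
    cur = {a.host: a.services for a in current}
    appeared = sorted(cur.keys() - prev.keys())
    vanished = sorted(prev.keys() - cur.keys())
    changed = sorted(h for h in cur.keys() & prev.keys() if cur[h] != prev[h])
    return appeared, vanished, changed

# Constructed sample data (reserved example.com names, not real scan output).
SANCTIONED = {"www.example.com", "mail.example.com"}
SCAN_MON = [
    Asset("www.example.com", frozenset({"https"})),
    Asset("mail.example.com", frozenset({"https"})),
]
SCAN_TUE = [
    Asset("www.example.com", frozenset({"https", "ssh"})),
    Asset("mail.example.com", frozenset({"https"})),
    Asset("promo.example.com", frozenset({"http", "database"})),
]

if __name__ == "__main__":
    unknown, ranked = reconcile(SCAN_TUE, SANCTIONED)
    print("untracked:", unknown)
    print("work order:", ranked)
    print("drift since last scan:", drift(SCAN_MON, SCAN_TUE))
```

In the constructed data, the marketing-style `promo.example.com` host is both untracked and exposing a database, so it ranks first, while the newly opened SSH on a tracked host surfaces only through the snapshot diff.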