The answer is not a simple one.
If it were, this blog would be a single word long.
The tools we used years ago are still a good first line of defense. They include such things as a firewall, malware and virus protection. Unfortunately, hackers have gotten as sophisticated as the tools used to deter them.
Hackers rarely try to penetrate the firewall anymore. Their attacks are usually “around” the firewall, exploiting any of the hundreds of software implementations on your systems.
The bad news is, there is currently no way to guarantee 100% that your network can not be compromised. But like your home which can never be protected completely, you still want to lock your doors when you leave.
The state of the art data security approach employs a SIEM (Security Information and Event Management) toolset. These software constantly check your network activity logs looking for anomalies and questionable activities. The best of these products will advise you of vulnerability issues as well as intrusion event.
The only possible way to cope with the number of new threats that are discovered each day, is to use an automated SIEM tool. in
To appreciate the complexity and effort involved, AlienVault, one of the premiere SIEM tools, publishes a daily threat list which is then added to their software database to best defend your site.
So, can you fully protect your data? Probably not. Is it still worth the effort to try? Of course. You wouldn’t leave your house unlocked, would you?