Did you know that your company& 39;s confidential information is climbing to its corporate firewall and break out of your fantasy intrusion detection system? Every day gigabytes of information to go directly from your front door - at your company& 39;s laptops. How expensive it would be if one of these computers was stolen?
Before franchise to start checking your insurance premiums, to take a second to assess the security situation on the true value notebook: The information stored within. Making it even more valuable, or at least potentially costly, is the adoption of the law in California Senate Bill 1386 (SB1386). The burden of preserving the confidentiality of information has been pushed to the information holder - you.
Per SB1386: Following the discovery or notification of the violation of safety data to any resident of California whose unencrypted personal information in the form of [time name and social security, drivers license or accounts, credit or debit card number] was, or is reasonably believed to have been acquired by unauthorized person ... shall disclose any breach of [potentially including] notice on the main state media.
While no direct or civil penalties of fines imposed disclosure requirements on the law are severe enough to damage the viability of even the most authoritative institution. And, despite the fact that the California law, it has national implications because of the media notification provision. With this in mind, how much of that responsibility could be stolen laptop? With little up-front due diligence and assessing the security situation, these obligations can be reduced by taking some simple steps to prevent incidents with laptop occurring.
Security Rating: Threats
Security estimates show that information on the laptop can be reduced in two ways: physical theft laptop itself, or network intrusion while the laptop is connected to an external unprotected network.
From security at a checkpoint on the back of the airport rental car before leading the table at the conference, information thieves are walking away with laptops every day. Although the motivation of most of these thefts are not on the information stored on a laptop, but the equipment itself, there have been cases where specific individuals were victims " laptops information stored within.
Security estimates show that laptop to connect remote Set other easy way to compromise the security of confidential information. Remote networks vary depending on the wireless access point (WAP) at the local cafe, to wired in a hotel room and a cable modem in your home office.
Thinking that using a wireless network without Starbucks personal firewall, or VPN? You can also just run a patch cable around your corporate firewall directly to your laptop. Both ways, security estimates show that your computers exposed.
Security Rating: Politics and Procedures
As always, the easiest way to prevent something from happening is to implement policies and procedures to prohibit activities that may harm the security of data as well as hold thorough training of your employees follow said procedures.
A policies are very simple and cost-effective procedure is to limit the number of confidential information on the computer. This can be enforced by periodic assessment of the security, cleaning clean laptop all users of information and requiring the user to access and maintain a minimum set of confidential information on travel between the laptop from the office. While maintaining the magazine and maintain minimal data on a laptop, the responsibility should be limited to the incident than occur.
Rather keep confidential information directly to your computer, it should be stored on external storage, allowing laptop remain void of any confidential information. External Storage solutions include network data storage (file servers), data warehousing on the Internet (sites), and locally attached storage devices (disks or USB flash drives). USB flash drives are very convenient, storing large amounts of data on key size device under $ 100.
Laptops using the network to download sensitive information should not be on the spot cache data. Locally attached storage devices need to be kept separate from the laptop when not in use, and travel separately from the notebook. Security estimates show that this excludes any impact should be stolen laptop, most likely, the goal thief, but users will certainly need to be vigilant about keeping the external storage device secure.
A firewall and VPN should be required when the laptop is attached any remote network, even if the policy allows laptops to connect to remote networks. Wireless networks should never be considered safe, as most of them easily tapped. Hotel and cafe wireless networks are typically carried out unencrypted manner allowing anyone to monitor network traffic and laptops. Encryption in modern wireless devices dreadfully inadequate and the defeat of the number of readily available funds. Personal firewall will prevent users from connecting to malicious computer and VPN encrypts all data sent from the laptop through air.
Wired remote networks, such as home office DSL, cable modem and telephone line, to wear the same threats as wireless networks, in particular, that malicious users can view the data in unencrypted through the network and initiate attacks on unprotected computer. Once again, security, estimates show that personal firewall and VPN should be the case even if the computer has the ability to connect to remote network in the first place.
Data Security Assessment
As mentioned above, the amount of information stored on a laptop should be kept to a minimum. Instead of loading activities laptop with all information about the user, simply download the information required for this trip from the office. On the next trip, to clear the old data and download the new measures. If the incident occurred, the responsibility is much more limited.
Data encryption and digital rights management (DRM) solutions are coming of age and soon will encrypt all information across the network and laptop computers. With DRM solution, all information is encrypted and requires the user to enter a password to view files, making security assessment easier. In addition, a detailed history of requested licenses to continue, which is crucial in the case of the laptop theft.
Hopefully, you do not have to worry about stealing a laptop, but with some of these proposals, risks can be mitigated. Laptop computers are becoming part of the wide dissemination of modern mobile society, and some will disappear. However, some of these proposals and vigilant in assessing the security situation, the responsibility will be minimal, there would be no loss of information, and your only concern, that would be brilliant new models of laptop you have to order.
Redspin specializes in security and safety audit Assessment services that help identify potential threats. http://www.redspin.com
Bookmark it:
No comments:
Post a Comment