Watch out! there's a data thief about

9-Aug-2006

Q How can I prevent unwanted people from accessing and/or stealing the sensitive and confidential information stored on my firm’s computers?

 

Data theft is now easier than ever before. Recently, two workers from Coca-Cola were arrested for stealing information and trying to sell it to PepsiCo. This is just one high-profile example of data theft which has hit the headlines in recent years, but what it does illustrate is how easy it is for people to get data out of an organisation. It is vitally important to your business to keep your data secure. So here are a few suggestions to help you achieve this goal: Do not expose your internal network: The process of transferring files in and out of the business must be carried out without exposing and risking the internal network. No type of direct or indirect communication should be allowed between a partner and the enterprise. Make sure that intermediate storage is secure: While information is waiting to be retrieved, it must reside in a secure location. Encryption is good for confidentiality, but it is still important to have a single data access channel to the storage location and ensure that only a strict protocol is available for remote users. Protection from data tampering: Data inside protected storage must be tamper-proof. Safeguard your data by integrating authentication and access controls that ensures that only authorised users can change it. Digital signatures must also be employed to detect unauthorised changes in the files. Ensure that data at rest is protected: The cornerstone of protecting storage on a hard drive is encryption. It is this process which ensures that the data is not readable and thus maintains its confidentiality. Protection from data deletion and loss: The use of encryption is simply one part of the problem. Older file versions and programs should be retained, ensuring an easy way to revert to the correct file content or recover from data deletion. Auditing and monitoring: Comprehensive capabilities are essential to assure the business that its security policy is being carried out. Monitor your security methods and check they are working well. This provides the owner of the information with the ability to track the usage of its data. End-to-end network protection: Security must be maintained while data is being transported over the network. The process of transferring data must be, in itself, secure. Users must be authenticated, and access control must be in place to ensure that users are only able to take appropriate actions, and only carry out authorised ones. Auditing with detailed history: This is required to ensure that a detailed history of activities can be reviewed and validated. Access control must allow the ability to departmentalise the data, and the access to it. It must also provide detailed logs auditing, and tracking of every activity must be available. Process integrity: As data transfer is an essential part of a larger business process, it is critical to be able to validate that this step in the process is executed correctly. Make sure the data you sent is the same data which is received, and that it has not been tampered with en route. Calum Macleod

CALUM MACLEOD is European director at the information security company Cyber-Ark.