Download This Special Report

Wednesday, June 21, 2006

Data Security is About Prevention

Data security is an important issue in today’s technology world. Just when security seemed to be getting better, news items like the Reuters report of the Aetna laptop theft in May that resulted in the leaking of highly sensitive information on 38,000 members cropped up to question what could be done to make security stricter. The following measures can be taken to help improve security on both portable laptops and traditional desktop PCs.

1. SECURITY EDUCATION: The most important thing that can be done in the business world is to educate corporate users about specific security issues tied to their machines. Organizations can combine security messages with regular security training sessions and even conduct tests to make sure the information is really processing.
2. SECURITY RESPONSIBILITY: Assigning a specific member of the company or an outsourced firm to handle security and make sure company policies are being followed is an important part of keeping information secure.
3. USE POLICIES: Company policies must contain information about Internet use, instant messaging and the use of computers and other company equipment. Many spyware attacks happen when rules are unclear and users go to unsanctioned Internet sites, or receive email or instant messages from unknown senders.
4. FIREWALL: Firewalls should absolutely be a given in any company. The firewall should be designed to look for typical spyware anomalies and virus programs.
5. ANTI-SPYWARE AND ANTI-VIRUS PROGRAMS: Some anti-spyware programs are actually virus and spyware sources, so top commercial programs from companies such as Norton, Symantec and Trend Micro, Inc. are the best option for companies. They should be set on automatic update.
6. PASSWORD AUTHENTICATION: Passwords can help make sure that only authorized users have control over the computer, but are not useful if they are written on paper and pasted to the screen or too simple. The best password is a combination of letters and numbers, and should be changed regularly.
7. SENSITIVE INFORMATION BELONGS ON THE SERVER: A server is less likely to be stolen than a laptop or a PC, so a secure server is the best place to store important information.
8. SECURITY FIRMS: Outside vendors can provide excellent complex security for companies and can help support a company and its policies.
9. ENCRYPTION: Encrypting files can help create copies of information and ensure it cannot be read if it gets stolen.
10. BACK UP FILES: Backing up files periodically with backup media kept in a separate location can help restore information quickly if a computer is damaged by any means.
11. LAPTOPS AS PCs: Laptop users should follow the same security protocol as those with desktop PCs.
12. PHYSICAL SECURITY: PCs and Laptops need to be protected, meaning building security should include guards, security cameras and most importantly locking down the machines when they are in the office so they cannot be stolen. A traveling laptop should also be in sight at all times.

Blogged By: Joshua Feinberg