Sunday, January 20, 2008

Is Protecting Your Company s Data A Lost Cause?

Is Protecting Your Company s Data A Lost Cause? The technologies that make today’s businesses more efficient and effective also make them more vulnerable to threats. Information security can be a constant struggle for corporations as they fight to keep ahead of the ever-changing computer data security hazards. Companies suffer data leaks as a result of anything from a stolen laptop to hackers to stolen paper records. According to the 2006 Cost of Data Breach Study from The Ponemon Institute, data breaches cost companies an average total of $4.7 million, or $182 per customer record. Companies with a poor data protection solution can not only run into legal trouble due to strict data security laws, but when data leaks occur, most corporations can run into image and public relations problems brought on by the scrutiny. So what can you do to make your computer data security more effective? Here are a few actions you can take to make sure your data protection solutions are always in tip-top shape. • Evaluate often. Frequently assess your computer data security’s functionality and find other data protection solutions to cover any vulnerable aspects. Additionally, you should establish a data security policy with frequent audits so your company can keep its security solution up-to-date. • Implement and enforce password policies. Ensure that your employees have strong passwords that include the appropriate amount of letters, numbers and special characters. As part of the system, set parameters that force your employees to change their passwords regularly, as this will help maintain system security. • Watch over your VPN. If you have any employees working from a remote location, keep in mind that these users can collect viruses or malware on their unprotected home computers, which means those threats could eventually skip over your network. So if your employees do work remotely, make sure that they are working from security-protected, company-issued laptops. • Monitor your wireless. After you secure wi-fi access points, you should continue to keep informed of the risks. Some data thieves use a trick called the “evil twin” where they create a fake wireless network that has a name very similar to yours in an effort to trick workers into logging onto this impostor network where it’s possible to get the users’ login information. • Hack your own wireless network. Hire an external auditor to conduct a “penetration test” on your network Though it sounds odd, hacking into your own network gives you a hacker’s view of your network and is probably the most effective way to find out what your data protection solutions may lack. • Always encrypt your data. No matter where the data is being physically stored, using strong cryptography is imperative when protecting sensitive data. • Delete unused data. Collect the data you need and place it in a secure system, but once it is superfluous, make sure you delete it completely. If you pay close attention to your computer data security solutions and see that nothing is slipping through the cracks, you will have a much lower risk of your data getting into the wrong hands â€" saving your company from the consequences of public scrutiny and liability costs. David Meizlik is the Product Marketing Manager for Security Solutions at Websense, Inc., the leading provider of web and content security solutions based in San Diego, California. His responsibilities include product positioning, go-to-market strategy and development, market and competitive analysis, program development, and management of all outbound marketing activities for Websense security products. Meizlik served as the marketing manager for emerging business opportunities, and the technology partner marketing manager building the Websense Web Security Ecosystem, an alliance of over 38 technology and distribution partners. For more information about Websense, visit Websense.com

No comments: