So, yes, of course terrorists use the likes of Google, Facebook, and WhatsApp because they’re useful tools. Just about all of us use the internet to communicate and help plan our day. You use the internet to communicate and help plan your day too. Then come up with a plan, and communicate it: individual employees should be aware of the business’ data-protection strategy and what it means to them.I use the internet to communicate and help plan my day. “Look at what employees do, how they use data and how data flows naturally inside and outside of an organisation. “Businesses should have a data-protection strategy in place,” advised Merry. It means we can keep our users productive while keeping data secure.” Avoiding the pitfallsĮncryption isn’t a technology you can simply release into your organisation: you need to apply it in a systematic way to make sure data doesn’t slip through the gaps. “Encryption shouldn’t have a perceptible impact on productivity or system performance. “Businesses that want to roll out encryption shouldn’t need to buy new servers or hardware,” concluded Merry. As a result, the operating system doesn’t have to do the work itself, or even know that your data is encrypted. “Basically, these perform hardware acceleration of the encryption inside the CPU.” Similarly, some storage devices include their own encryption processor, which takes care of encryption and decryption at the controller level. “Modern Intel processors have a set of instructions called AES-NI,” added Merry. “If you’re using encryption, it’s easy to wipe that drive so that it isn’t recoverable.” “When you go to recycle your computers at the end of their life, make sure you’ve destroyed data on them,” added John. “And encryption is so easy to turn on now that it’s worth doing.”Įncryption can also provide a secondary benefit when it’s time to retire old hardware. “You do get thefts from businesses – even large companies with big data centres,” warned Sian John. In that case you can say: ‘It might be your device, but if you’re going to have company data on it then you need to protect it.’ Devices such as mobile phones have built-in encryption that you can activate.”ĭesktops and servers are rather less likely to fall out of pockets, but if you’re unlucky enough to be the victim of a burglary, you could be looking at a data-loss disaster. “With company devices, you may choose to manage all aspects of security, including the apps users install,” noted Merry. It’s worth thinking about tablets and smartphones too. “While your employees may not be carrying around top-secret blueprints, their systems may still hold data that needs protecting” It’s the same type of situation if you’re storing potentially secret or proprietary information on Dropbox, because you don’t know who might access it.” As far as the law is concerned, if someone can pick up that USB stick and potentially make use of the data contained on it, that’s a data breach. A USB stick is easy to lose – you pull your keys out of your pocket and the USB stick falls out. “For example, let’s say I copy an Excel spreadsheet from work onto my USB stick so I can work on it at home. “We attach files to emails, copy data to USB sticks and pass them around – there are lots of ways to share data, and as end users we do it instinctively,” Merry said. They can’t even access the files if they take out the disk and try to mount it from another system.”įile-level encryption has a role to play too. “Let’s say somebody steals your encrypted laptop,” Merry explained: “If they don’t have the username and password, they simply can’t access the data on it. Without a doubt, the most important data security measure you can take is to apply full-disk encryption on all mobile devices. If a hacker gets at your files, but only in encrypted form, they can’t do any harm.” What needs encrypting? “A data breach isn’t just data leaving the organisation – it’s data leaving in a form that’s usable to an attacker. “We’ve noticed an increasing amount of malware that attempts to steal data,” warned Merry. Aside from accidental loss, encryption can also be a valuable defence against hacker attacks.
0 kommentar(er)
