Corporate Data Features

The influx of inexpensive storage media — from MP3 players and PDAs to USB thumb drives and external hard drives — in today's enterprise facilitates the dissemination of information further and further away from the enterprise core, and attackers are writing increasingly complex, customised malicious code designed to compromise a company's proprietary information. We used to live in an analog world. We played records, radio stations had static interference, we flattened out dollar bills to work in vending machines and we anguished over hanging chads. Sure, everything was converted into bits and bytes in the end, but the world we interacted with was a physical one. Threats to information security are appearing more frequently and are of greater magnitude than ever before. Once a rumour makes it into the Google top-ten searches, the damage can be difficult to undo. Intellectual property (IP) assets are at the heart of businesses. Increasingly these assets are available in digital formats: Microsoft Word files, Excel spreadsheets etc, making them easy targets. Always clarify in outsourcing deals who is liable for data security, advises Tamzin Matthew. In the wake of recent news at HP, pretexting has become the hot topic in the business world, and its sudden rise to fame broaches numerous questions including: What exactly is pretexting? How are companies liable for it? What are companies doing that is considered pretexting and how can they protect themselves from becoming the next HP? Over the last several years, many well-known organisations have faced the consequences of highly publicised data breaches. These breaches directly impact an organisation's most valuable asset - their customers. This month, we have juxtaposed two of the foundations of information security: data protection and vulnerability assessment. On the protection side, we look at some of the key products in the area of whole disk encryption. 2006 will be recorded as the year that security breaches reached the consciousness and awareness of the mainstream consumer. Breaches are certainly not a new phenomena, especially to security professionals. Ever since the emergence of iPod back in 2004, GFI and other experts including Gartner analysts, Ruggero Contu and John Girard have been warning that iPods are a potential danger to the corporate network. Running parallel to the huge business benefits brought about by the ubiquitous and increasingly open-access use of computers are huge risks resulting from information security breaches. Long viewed as a major vector for incoming threats such as viruses, malware and worms, organisations are also increasingly viewing laptops as a primary weakness in the fight against the theft, loss and misuse of information. In the last decade, the security of your information on your networks has been focused on protecting the integrity of data from outsiders. Much of the effort has been based on perimeter security - from outsiders trying to break into the network. Every week brings another public announcement on some dramatic compromise of confidential, sensitive information. Sometimes, it's the loss, or theft, of a computer or hard drive or the hacking of supposedly confidential files containing individuals' private, identifying data, such as credit-card numbers or health records. It's easy to make email appear to come from an internal user, warns Ken Munro. So be on the lookout.