Lockdown: Protect Your Business's Most Confidential Data

Updated: April 30, 2009

Every business has secrets that it would prefer to shield from both the public and from rank-and-file employees. These private documents can include marketing strategies, production processes, product formulas, and even the home phone numbers and addresses of company officers.

Making sure that vital secrets stay private is a task that requires careful planning and a multipoint strategy. Here's how to get started.

Network Security: Every business needs to have a network-security plan in place to protect files from prying eyes. In addition to the usual software and hardware safeguards, you'll also want to protect particularly sensitive files with passwords . But since passwords can be stolen or cracked, you will want to keep really crucial information — data that probably won't be accessed regularly anyway — on discs in at least two physically separate and secure locations.

Wireless Security: An unsecured wireless network can provide a gateway into your main business network, leaving important data exposed to wardriving spies, employee-created rouge access points and other popular snooping techniques. To lock down your wireless network, use WPA (Wi-Fi Protected Access) encryption in the form of either WPA or WPA2 technology. Additionally, tools from vendors such as AirMagnet Inc . and Aruba Networks Inc . will help you quickly pinpoint the existence of any rogue wireless devices. Steps can then be taken to either take down the access points or to secure the network against their presence.

File Encryption: Encrypting secret files is really a no-brainer. Encryption allows people with "need-to-know" privileges to view sensitive information with ease while effectively blocking access to unauthorized parties. Best of all, even if a disc or laptop that contains encrypted files is lost or stolen, it's highly unlikely that anyone— except for a highly skilled and determined individual — will ever be able to crack the encryption. Leading encryption vendors and products include PGP (Pretty Good Privacy), open-source TrueCrypt , DESlock+ , FileLock and T3 Basic Security .

Device Control: Gadgets such as portable hard drives, USB thumb drives , cell phones and media players are all capable of swiping business secrets in the blink of an eye. To thwart easy file transfers, remove or seal (with glue) open USB and FireWire ports on your office workstations.

Document Tracking: All secret documents need to be accessible only through applications that provide document tracking. This policy will create a traceable trail of exactly who looked at a particular document, at what date and time they did so, and whether they made any changes.

Physical Security: Your company's biggest secrets shouldn't reside on a network server or a desktop or notebook computer. Many organizations lock their most important data inside bank vaults and approve only a handful of individuals to access the material. While an office safe or a locked room can serve the same purpose as a vault, a safe-deposit box is far less vulnerable to thieves and dishonest employees. Remember to store duplicate copies in at least two geographically separate locations, in case one site is destroyed by a natural or man-made calamity.

Policies: Employees and business partners need to be aware of enterprise security policies and their roles in protecting information. It's also a good idea to enforce established security guidelines with a confidentiality agreement that makes the signer legally responsible for any information that he or she willingly discloses to an unauthorized party.

A secret can be lost in the blink of an eye, but getting information back under wraps can take forever.

Related Categories
Featured Research
  • Securing Enterprise Information Technology

    In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more

  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more

  • Top 8 Identity and Access Management Challenges with Your SaaS Applications

    With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more

  • Better BYOD with Pulse Secure and MDM Partners

    Learn how Pulse Secure and leading MDM product partners are transforming the way employees and IT benefit from the productivity and flexibility of BYOD — without compromising security or increasing management complexity. more