The security of corporate data has been a matter of debate for some time as companies juggled the need to secure data beyond the data centre and out into the real world with the costs associated with more stringent security policies. The real issue companies face is how to allow workers unhindered access to the data they need to do their jobs wherever they are, while ensuring the data is protected.
"If it was only laptops that were mobile carriers of corporate data the problem would be fairly easy to solve," says Amir Lubashevsky, executive director at Magix Integration. "Unfortunately, technology today allows people to carry large amounts of data unobtrusively on USB memory sticks and even on cellular phones.
"Simply banning the use of these devices is not realistic as there are many legitimate uses for them in business. The key is to allow their use, but to monitor who does what, only allowing authorised personnel to copy data onto portable devices in the knowledge they are being monitored."
Simply auditing the actions staff take related to business data is not enough as their devices can be lost or stolen, leaving potentially sensitive data in the hands of the wrong people and leaving the company open to legal action and bad publicity. Lubashevsky says the final step in securing mobile data is to automatically and seamlessly encrypt it without requiring any user action.
Adding encryption technology to a company's security policy will ensure that all data transferred to a portable device is automatically encrypted and only authorised people have access to it via a password. This applies to USB cards as well as traditional storage mechanisms such as CD-ROMs or DVDs.
"With data encrypted on portable devices, only authorised people can access sensitive data," explains Lubashevsky. "Even if the device ends up in the wrong hands, it is worthless since it will be unreadable.
"Moreover, if a business finds its encrypted data has fallen into the wrong hands and has been decrypted, it knows there has been inside help and can follow the security audit trail back to see who copied the data, when, and hence must have provided a password to the information thieves."
Encryption is the final step in the data protection lifecycle as it closes the loop on instances where security policies and permissions are weak enough to permit data leaks. It also makes up for traditional human errors.
Share