Protecting your Company Data
Every time I think about this I remember the day I was sat in a client meeting and data protection came up, the owner of the business had just told me that they have a zero tolerance policy on storages devices been brought into the company, “No USB sticks or External Drives here Dave” he said, has I looked at my Smartphone I quickly turned to him and bet him lunch that I could find someone in the company with ability to steal data.
I found :
2 Digital cameras
1 Digital voice recorder
and this was in the office next to the meeting room and in plain view connected to the computers, not the whole company or hidden in draws and handbags, I told him the issue he had was all his computers had USB and Card readers, so nearly any device that had any kind of storage could be used to steal data, I could see the fear in his eyes he had tried to ensure that the data in house was protected by stopping people bringing in storage devices in fact it was totally wide open.. you could even send zipped files to hotmail, the email server logged all data transaction but the port 80 was not monitored !!
What I told him was simple :
Know what files are on the internal servers and who has access. the designer shouldn’t be able to get to the accounts data so structure the servers correctly and add some document tracking, to record who accesses what. it doesn’t stop the theft but at least you have some suspects to point fingers at. Dispose of what you no longer need or at least archive the data to a secure server which only authorised management have access.
How do you protect your data ? or are you like me too small to care