Protecting your Company Data
Every time I think about this I remember the day I was sat in a client meeting and data protection came up, the owner of the business had just told me that they have a zero tolerance policy on storages devices been brought into the company, “No USB sticks or External Drives here Dave” he said, has I looked at my Smartphone I quickly turned to him and bet him lunch that I could find someone in the company with ability to steal data.
I found :
1 Ipod
4 Smartphones
2 Digital cameras
1 Digital voice recorder
and this was in the office next to the meeting room and in plain view connected to the computers, not the whole company or hidden in draws and handbags, I told him the issue he had was all his computers had USB and Card readers, so nearly any device that had any kind of storage could be used to steal data, I could see the fear in his eyes he had tried to ensure that the data in house was protected by stopping people bringing in storage devices in fact it was totally wide open.. you could even send zipped files to hotmail, the email server logged all data transaction but the port 80 was not monitored !!
What I told him was simple :
Know what files are on the internal servers and who has access. the designer shouldn’t be able to get to the accounts data so structure the servers correctly and add some document tracking, to record who accesses what. it doesn’t stop the theft but at least you have some suspects to point fingers at. Dispose of what you no longer need or at least archive the data to a secure server which only authorised management have access.
How do you protect your data ? or are you like me too small to care 
DaveN
Jim Banks 1620 days ago
http://www.globaldirectmedia.comIt’s sort of relevant, but I remember meeting someone who has a keyword research tool and telling them that I had managed to get a “hacked” version of the software without having to pay the license fee. They went on to tell me that they had created the version to give them a bit of viral effect.
So turning that to security I downloaded one of those screen grab softwares and told all my staff I had installed the solution on the server and it took screen shots every 15 seconds throughout the day. Use of Hotmail, Yahoo, etc. vanished.
Think speed cameras with no film, dummy CCTV. Often the perception is all you need.
Hobo 1620 days ago
http://www.hobo-web.co.uk/seo-blog/Interesting…. better ask my guys
Dave Snyder 1620 days ago
http://searchandsocial.comI’m too dumb to care
matt 1620 days ago
http://www.homestansted.co.uk/great blog it’s good to see someone using a blog for what it is actually meant for look forward to seeing further comments.
Gavin 1619 days ago
http://www.cinfinity.ie/I bet your client had laptops within the company and most possibly didnt practice simple encryption proceedures – a major failure for the majority of companies.
Another thing companies should be concerned about is when the lease a dedicated server from a hosting company. Do you they know who is behind the company? but more importantly, what happens to the O/S when the server is no longer required?
The list is endless when it comes to data protection but unfortanelty there is such a big misundertsanding on the basics that most people dont bother with it.