Continued from page 1
To mitigate this problem consider using rights management software to protect your sensitive business data. Content rights management software not only encrypts files, but also serves to enforce access and limit usage privileges such as forwarding, editing and printing. These protections are persistent and remain with your files no matter where they travel. Any business that frequently exchange medical, financial, legal or design data should make regular use of encryption and content rights management technologies
Some established providers include: -Authentica: www.authentica.com -Essential Security Software: www.essentialsecurity.com -Microsoft IRM: www.microsoft.com/windowsserver2003/technologies/rightsmgmt/default.mspx
ESTABLISH A PERIODIC BACKUP STRATEGY
Periodic backups are required to ensure business continuity in case of an accident such as a hard-drive failure or attack. In a networked environment full and incremental data back-ups can be programmed to take place at regular intervals. Small offices environments should backup their sensitive data external hard-drive or cd at least once a week. It is good policy for companies to back-up email as well. Back-up data should be stored off-site in a secure location. Be sure to test your backup processes to ensure that indeed your data can be restored lieu of an operational failure.
Secure off-site data storage providers: -Iron Mountain: www.ironmountain.com -First Backup: www.firstbackup.com -KastenChase: www.kastenchase.com
USE STRONG PASSWORDS
Passwords are used to authenticate identity of an individual user. Unless otherwise protected, once a password is broken your sensitive data is exposed. With free software that is readily available on web, most passwords can be broken in a number of minutes. These programs often use known words and phrases to break passwords frequently beginning with “password” and “admin”. For good password security use a combination of upper-case and lower-case letters, numbers and symbols (i.e. eR8>!tJd ). Make sure that your employees memorize their passwords and that these are not written down anywhere on premises.
HIRE A SECURITY CONSULTANT
While tips in this article will help your company to be more secure; every business is different and requires its own security strategy. Consider hiring an independent security consultant to asses your individual security situation. They will be able to help you create a comprehensive security policy that will meet your business needs.
EDUCATE YOUR EMPLOYEES
No security plan is effective unless followed by your employees. Measures can be taken to severely limit their privileges such as browsing internet, reading email, or preventing reading of files from USB drive or cd. However, draconian security measures can interrupt workflow and damage productivity. A better policy is to limit some user privileges while educating your employees about your company’s security policies.
Mr. Price, a co-founder and organizing shareholder of Essential Security Software, serves as the company’s Product Marketing Manager where he is responsible for global marketing, new product and service development, and strategic partnerships. Zachary has authored many security related articles which have been published in a wide variety of magazines, newsletters and websites