Tactical Advice

Protecting Company Data from Prying Eyes

Take these steps and reassure partners and customers their data is safe and secure.
This story appears in the Fall 2013 issue of BizTech Magazine.
How to Protect Data from Prying Eyes
Credit: ThinkStockPhotos

There are those who consider former NSA contractor Edward Snowden a whistle-blowing hero. Others believe he is a traitor. Be he enemy of the state or martyr to the cause of public disclosure, the documents the current fugitive leaked reveal something very important: the stunning degree to which the U.S. government has been keeping tabs on American citizens.

Unfortunately, there's not much, if anything, that can be done about the government tracking your business's electronic communications. There is, however, a number of proactive steps IT workers can take to block others, such as criminals or unscrupulous competitors, from taking a peek at — or outright stealing — your company's private data and customer information.

Secure All Mobile Devices

Missing smartphones are quickly catching up with lost notebooks as the chief source of corporate data breaches. Gadget insurer ProtectYourBubble reports that an incredible 113 smartphones are misplaced or stolen every minute in the United States. But while the value of lost hardware is enormous, the cost of business and customer data making its way into the wrong hands is practically incalculable.

Technology can help if used wisely. For notebooks, go beyond basic malware protection by adding full-disk encryption. Every major security vendor offers this, and there's even a free utility from TrueCrypt.org (though it can't be centrally managed, like those from security vendors). It's not enough to encrypt directories; entire disks need to be protected, with a product that works before the operating system boots.

Parallel protection for smartphones, which don't support pre-boot encryption, involves remote-wipe technology implemented through mobile device management (MDM) — turning a lost or stolen phone into a paper-weight before any data is lost.

Be sure that bring-your-own-device users know about your MDM solution's remote-wipe policies. It might actually encourage them to back up their smartphones and tablets, a rarity today.

Encrypt, Encrypt, Encrypt

Most major network-attached storage appliances offer encryption as an option, while server OSs allow for data disks to be encrypted at least. And be sure to regularly encrypt all backup files.

Online data storage services, meanwhile, encrypt files in transit, but be sure to check that they offer encryption for files residing on servers as well.

Encourage Password Best Practices

Employees usually say they don't share passwords with coworkers, but they often do — just check the logs. Try sending an email blast reminding everyone about security best practices, including the fact they must never, for any reason, send any passwords through email. A week later send a second email from a random IT person asking for passwords to help with system maintenance. Count the percentage of passwords returned — usually a third to half — and weep. Then resend the email explaining security best practices once again and revealing your findings.

Teach Data Loss Prevention

Although DLP tools have matured tremendously, employees still play a critical role in keeping data safe. Even companies with a DLP system in place should explain the consequences of data leakage.

Also, see where you keep customer financial information. Determine ways to keep it off your system, as the less customer data you store, the less you stand
to lose.

Sign up for our e-newsletter

About the Author

James E. Gaskin

James E. Gaskin

James writes books, articles and jokes about technology from his Dallas-area home office. He also consults for those who don’t read his books and articles.


Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....


The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...


Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.