Blog

Archive for the ‘Data Storage Security’ Category

« Older Entries

Do You Have a Data Protection Policy?

Tuesday, January 3rd, 2012

Technology is great — and Zecurion is in the business of providing industry-leading data encryption and data loss prevention solutions — but  you also need to have an established policy for data handling and data protection. Tools like Zlock, Zgate, and Zserver do an excellent job of monitoring network traffic and locking down sensitive data to ensure it isn’t compromised or exposed, but no software tool is fool proof. They are there to augment and support the policies your organization has in place. Neither policy, nor technology alone can prevent every data breach incident, but the combination of a documented data protection policy, with the right technology to support it will give you peace of mind that your data is as safe as it can be.

So, what sorts of things should your data protection policy cover?

  • A designated role responsible for maintaining the policy
  • A system for defining the classification of data based on its sensitivity or criticality
  • Provisions for conducting a risk analysis to identify where sensitive data is stored, how it is used, and where it travels to
  • Established guidelines for data handling and protection procedures for employees
  • Defined disciplinary measures for violations of the policy
  • Restrictions on physical access to the servers that store and process sensitive data
  • A plan for backing up critical and sensitive data, and ensuring that the backup data is secure
  • A system for monitoring and periodically reviewing data access to ensure it is safe
  • Define data breach incident reporting requirements and incident handling procedures
  • Establish a periodic review of the data protection policy to modify or update it as needed

This is just a baseline, but it’s a start. If you don’t have a written data protection policy that your employees are aware of you can’t expect them to follow it. Develop an effective data protection policy, then support and enforce that policy with the award-winning tools from Zecurion.

Tags: , , , ,
Posted in Data Storage Security | No Comments »

Time Is Running Out

Tuesday, December 27th, 2011

I know you are busy spending time with family, enjoying the holidays, and not even thinking about business, or protecting your data — but time is running out.

Zecurion is offering special discount pricing on our award-winning data loss prevention and encryption products through the end of the year. Is your data adequately protected? Do you have the right tools in place to enable you to exercise some control over how and where your sensitive data goes without getting in the way of productivity?

You simply purchase the one-year support agreement, and we’ll throw in the product license for free. It is an 80 percent savings off the normal price. You owe it to yourself — and the employees, customers, vendors, and others that trust you with sensitive data — to take advantage of this offer before the ball drops at midnight on December 31.

Your 2012 will be much happier if you have the peace of mind that comes with knowing your data is protected. Happy New Year!

Tags: , , , , , ,
Posted in Data Storage Security | No Comments »

How Much Data Are You Leaving Behind?

Sunday, December 18th, 2011

The very things that make portable storage devices convenient for storing and transporting data also make them a greater risk for loss or theft. USB thumb drives hold gigabytes of information, yet fit in your pocket. You can easily have one fall out of your pocket in a taxi or on a train, and you are unlikely to miss it if someone “liberates” one from your possession.

Security vendor Sophos recently bought a number of USB thumb drives at auction that were left behind on trains. Sophos found that two-thirds of the USB thumb drives contained malware–possibly suggesting they were intentionally “left” behind to be found and used by an unsuspecting victim. But, the 50 USB drives comprised nearly 140GB of potential lost data.

None of the USB keys was encrypted, and none of the USB keys contained any encrypted data. None. Sophos found all kinds of interesting data on the USB keys, including lists of tax deductions, minutes of an activists’ meeting, school and University assignments, autoCAD drawings of work projects, photo albums of family and friends, a CV and job application, and software and web source code.

Don’t let that be your data. Make sure you have policies and security controls in place to control what data is allowed to be stored and transported on portable storage media, and make sure your data is encrypted so it is protected even if that media is lost or stolen.

Tags: , , , , ,
Posted in Data Storage Security | No Comments »

The Real “Bad Guy” Is a Simple Lack of Common Sense

Friday, December 2nd, 2011

It is convenient to think of network security and data protection in terms of “us and them”. There are good guys, and there bad guys. There are authorized users inside the network just trying to get their jobs done, and there are insidious, malicious hackers diligently trying to compromise the network and steal sensitive information. The reality is quite different.

There are, of course, attackers out there with low moral character, a lack of ethics, and too much time on their hands who will not hesitate to exploit holes and expose data if possible. However, if you review the data breaches large and small that occur on a daily basis, the vast majority have nothing to do with any attack at all. Sensitive, personal information is compromised and exposed because the authorized users entrusted with that information are often clueless–or at least careless–in how they handle it. There are school principals accidentally uploading sensitive information, employees tossing files with personal information into public trash bins, and many employees with unencrypted data on laptops, tablets, and smartphones that are easily lost or stolen. The hackers often don’t have to work very hard.

Organizations should do more to educate users and increase awareness about sensitive data, data protection policies, and proper data handling procedures. Beyond that, though, organizations should have tools in place on the endpoint systems, monitoring the flow of network traffic, and protecting data at rest on servers to ensure that a lapse in judgment doesn’t lead to a data breach.

Tags: , , , , , ,
Posted in Data Storage Security | No Comments »

Protecting Data Is Not a Black and White Issue

Saturday, November 26th, 2011

Data protection is more nuanced than simply allowing or denying access. The ages-old concept of group and individual permissions for file and folder access are based on the fact that one person may have no business opening a given file, while the next person may need to read and review that same file as a function of their role. This same type of control is needed when it comes to allowing data to be printed, or stored on an external drive or USB flash drive.

Because protecting data is not a black and white issue, the solution needs to be more flexible than simply blocking or allowing access. Zecurion’s Zlock gives IT admins the ability to apply fine-tuned controls that prevent the unauthorized copying and storing of data without impeding legitimate, authorized use of removable media at the same time. Just as one person may have no business opening a file that another person needs to do their job, one person may have no legitimate business purpose for storing data on removable media, while the next person may need that capability to perform their job function. A solution that simply locks down USB ports is like killing a housefly with a hand grenade, and applies too broadly to provide functional data protection.

Zlock takes it a step farther, though. Jim may have a business need to store sensitive data on a removable drive, but you don’t need to grant blanket permission to Jim. You can still set up controls in Zlock that let Jim store data on a USB flash drive, but only if the data is encrypted. In fact, IT admins can configure Zlock to only allow Jim to store data on a specific brand of company-issued flash drives, or even a specific hardware ID of an individual USB flash drive issued to Jim. That way, data is protected, and the flow of sensitive data is controlled, but Jim is still able to do his job without having to jump through any additional hurdles.

Now, through the end of 2011, you can get Zecurion Zlock for 80% off.

Tags: , , , , ,
Posted in Data Storage Security | No Comments »

Trusting Employees Is Bad Security Policy

Thursday, November 10th, 2011

Companies like to be able to trust employees. This is particularly true in smaller companies, where the environment is more like a family and the founders/owners are often personal friends with the employees. In the end, though, business is business and it doesn’t mix well with personal trust–especially when it comes to protecting sensitive and confidential data.

Michael Pattison, the head of Allens Arthur Robinson’s technology law group is quoted saying, “Ultimately you trust people that you employ, so it’s depressing to find at times that the trust is breached.”

When employees leave a company–whether through firing or of their own accord–they often take proprietary and sensitive data with them out the door. Computershare is learning that lesson the hard way. An employee resigned and the company is accusing her of having stolen internal documents, emails, and possibly personal data and financial records of millions of shareholders that rely on Computershare’s global share registry.

A certain measure of trust is expected between employees and employers. If either party can’t trust the other to some extent, it creates a paranoid, hostile work environment. But, trust is a poor policy for data protection, and companies need to have tools in place to secure sensitive data even from the employees it is entrusted to.

Tags: , , , ,
Posted in Data Storage Security, Security Breaches & Data Loss Incidents | No Comments »

There Comes a Point Where It’s Willful Neglect

Monday, September 26th, 2011

Benefits Administration Services (BAS) revealed that a CD containing sensitive information on about 4,000 U.S. Steel Mining retirees and their dependents is lost in the mail somewhere. The CD is supposedly password protected, but the data it contains is not encrypted.  

I think we’ve all been pretty tolerant of data breaches up to now. Perhaps too tolerant.

We always give the benefit of the doubt to companies and their employees: “They didn’t mean to expose my Social Security number”, or “I’m sure it was an accident that the medical center posted my health record on the Web”, or “Well, it’s not my bank’s fault that the postal system lost the disc with my data on it.”

But, those excuses won’t fly any more. Companies and employees do know better. It is a simple matter of having solid data handling and data protection policies, and the tools in place to enforce them. That worker probably didn’t intend to expose your Social Security number, but a data loss prevention (DLP) tool could have prevented the inadvertent exposure. It probably was an accident that your medical records were posted online, but a DLP gateway would prevent that information from leaving the network. Your bank can’t guarantee that the post office won’t lose a disc in transit, but they can have tools in place to automatically encrypt data so that it is protected from unauthorized access.

In the past, we could forgive these things. But, data breaches are in the news almost daily. There are multiple industry, state, and federal mandates in place governing the effective protection of personal and sensitive data. No company or employee can claim ignorance at this point.

No. Now it’s a matter of willful neglect. Employees know what they’re supposed to do, but they’d rather take shortcuts and ignore data protection policies. Companies know what they’re supposed to do, but they’d rather save a buck and gamble with your personal data instead. 

DLP tools are not expensive–especially in relation to a data breach. There is no excuse.

Tags: , , , , ,
Posted in Data Storage Security, Security Breaches & Data Loss Incidents | No Comments »

Where Did Your Data Go?

Wednesday, September 21st, 2011

If you have solid data loss prevention (DLP) tools like Zlock in place, you can exercise some control over how sensitive data is handled, and what devices it is allowed to be moved to or stored on. Zlock helps you enforce data handling and data protection policies, and prevent data leaks and exposure.

However, you will still have authorized users who have access to confidential company data, and sensitive employee or customer information. The point of a tool like Zlock is to enforce data policies and prevent data leaks without impeding the day to day productivity of those with a legitimate need to work with that data. So, what happens when an authorized employee decides to willfully violate policy, or if the USB thumb drive of an authorized user is lost or stolen?

Thankfully, Zlock’s Shadow Copy enables you to monitor and inspect files accessed and moved/copied from the network. Shadow Copy provides a silent or shadow copy of all data along with other auditable information. This reinforces personal accountability and prevents unnoticed data leaks.

Zlock copies all documents written to an external device to a secure log on the local machine and transfers the log data to network when the local machine is connected to the network. Zlock’s Shadow Copy can track specific information about the file and its contents–date and time of the event, user’s credentials, type of device used and other useful data–providing you all the necessary facts to investigate any security incident or breach. The information can be tracked and grouped by specific users, user groups, types of media and other criteria, enabling you to compile the precise data needed to meet audit requirements or conduct forensic investigations after a data loss incident.

In addition to preventing unauthorized movement and copying of electronic files, Zlock Shadow Copy also provides the same audit trail capabilities for printed materials, giving the organization ultimate control over all network endpoints, both inside and outside the network perimeter.

When you use tools like Zlock and Zgate, you can prevent virtually all data leaks. For those instances where an authorized user becomes the attacker, or when an authorized user has data lost or stolen, the Shadow Copy feature is a life saver.

Posted in Data Storage Security | No Comments »

Data Breaches Cost More than Data Protection

Friday, September 16th, 2011

Tony Bradley, Chief Marketing Officer for Zecurion, recently joined host Tom D’Auria on the IMI-TechTalk radio show to talk about data protection. The daily headlines of data being stolen, compromised, and exposed suggests that many organizations either don’t understand the risks, or fail to implement adequate protection. Often, those decisions are driven by dollars–organizations simply feel they can’t afford data loss prevention (DLP) or data encryption technologies that could prevent data breaches.

Unfortunately, many of those businsses end up learning the hard way that this approach is penny wise but pound foolish. Saving a few dollars in the short term can have significant repurcussions when it costs the company exponentially more to recover from a data breach incident. You can listen to the entire IMI-TechTalk show by playing the recorded version from the IMI-TechTalk blog site.

Tags: , , , ,
Posted in Data Storage Security | 1 Comment »

Need DLP? How Does 80% Off Sound?

Thursday, September 15th, 2011

If you know anything about Zecurion, you know we are passionate about helping our customers protect their information and prevent data leaks. We work hard to help businesses understand that a data breach is much more costly than investing in data leak prevention and data protection tools.

At the same time, we appreciate that these are tough economic times and that many businesses simply don’t have the budget available to protect their data. We understand that the global economy is in a slump and that many IT departments are faced with dwindling budgets and forced to cut corners. We also recognize that protecting data and preventing information leaks are a top priority, and should not be overlooked to save a dollar.

Taking proactive steps to safeguard data and prevent leaks or exposure is significantly cheaper than facing the fallout when a data breach occurs. A data breach incident does irreparable harm to the reputation of the company, and may have legal and regulatory consequences as well.

To help our customers out, we are offering the Zecurion Economic Stimulus Plan for Data Protection for a limited time. Now through the end of 2011, customers who purchase a one-year support plan for a product will receive the product license free—an 80 percent savings.

With this Zecurion offer, organizations can do the right thing, and save 80% in the process. Companies can take advantage of this offer for any of Zecurion’s data protection solutions:

Zlock – an endpoint security DLP solution that provides IT admins the ability to secure, monitor, and control computer ports and external devices to enforce data security policies and prevent exposure of sensitive data.

Zgate – a network perimeter DLP solution that monitors all outbound traffic to ensure that confidential or sensitive data don’t get leaked across your network.

Zserver – secures and protects confidential information at the processing and storage level on corporate servers.

Contact Zecurion today to take advantage of this limited-time offer.

Tags: , , , , ,
Posted in Data Storage Security | 1 Comment »

« Older Entries