2006/10/04

Business and Personal Data Security & Reliability

To improve data security and reliability, some time was spent today making a list of the various devices and services that transmit or contain business and personal data.

Because of the recent purchase of a new laptop, proper security and reliability of important data are a current concern. Digital data and a proliferation of computers, portable electronics, and portable data storage devices have introduced a wide spectrum of data risks. Business and personal data used to be pretty much restricted to paper documents which were kept at a place of business or at home and the only way that data moved around was through the mail or by personally carrying it from place to place.

Boy, have things changed...

In addition to paper documents, the following devices may contain business or personal data:
  • Personal and/or work laptop
  • Personal and/or work desktop
  • Non-owned computers (work, friends, library, internet cafe, etc)
  • PDA
  • Phone
  • CDs & DVDs
  • USB flash drives
  • Portable digital music players (e.g. iPod)
  • Portable hard drives
  • Flash memory cards (e.g. CF, SD, etc)
  • 3.5" floppies (nearly extinct)
In addition to the US mail and personally carrying it with you, data can be moved around by the following means:
  • Internet
    • Web browser (http)
    • Email
    • IM (instant messaging)
    • VoIP (internet telephony, such as Skype)
    • P2P
    • FTP
    • Online storage
  • Intranets
    • Work
    • Home (wired & wireless)
    • Non work/home (friends, library, internet cafe; wired & wireless)
You can lose your data in the following ways:
  • Lose a physical device (flash drive or memory card is small and easy to lose; cell phone or pda is easy to set down and forget, laptops can get forgotten at airport security or other places when traveling)
  • Have a device stolen (laptops are prime targets for thieves, as are other small electronic devices)
  • Data intercepted online
    • By ISP/Telecom/Backbone network employee
    • Companies or governments (legal)
    • Crackers
      • rogue individuals
      • organized crime
      • governments
      • companies
  • Data intercepted when transmitting wirelessly (especially at free hotspots)
  • Data stolen by eavesdropping or covert monitoring (discovering PIN numbers when you use phones, ATMs or other data entry devices)
  • Physical device fails and files have not been backed up (hard drive dies, flash drive wears out)
  • Data is in your possession, but you can't access it (can't find file on your hard drive or lost the password for an encrypted file)
Quite a few security and reliability risks are listed above. At least 95% of the US population has data at risk due to one or more of the above issues.

The question now is, "What should you do about those risks?"

*****

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home