Security Slideshow: Eight Data Security Time BombsBy Samuel Greengard | Posted 12-07-2010
Eight Data Security Time Bombs
Storage Creep The proliferation of data-especially across a mÃ©lange of systems, devices and departments-often translates into little or no knowledge of what actually exists and where everything resides. An organization that lacks a robust discovery process and storage optimization can easily see data go AWOL.
Eight Data Security Time Bombs - Page 2
Smartphones and TabletsAs employees load apps on their iPhones, iPads and Droids, the risk of compromising security and undermining GRC grows. In addition, be aware of fake apps that steal contacts and text messages.
Eight Data Security Time Bombs - Page 3
Stealth CulpritsUnsecured, unencrypted USB devices pose an obvious threat. But anything with an SD card or flash memory, including cameras, digital audio recorders, and iPods, can become a tool for transporting data. Even an automotive computer system that links to your smartphone via Bluetooth could become a source of contact data leaks.
Eight Data Security Time Bombs - Page 4
VirtualizationVM sprawl is a growing concern for organizations. Knowing where data resides is critical. Protecting VMs with virtual firewalls, malware solutions and other tools is part of effective GRC. Also, be aware of potential threats, such as hackers attacking the hypervisor layer directly.
Eight Data Security Time Bombs - Page 5
Social mediaSocial networking sites typically pull data from numerous interconnected servers spanning applications and organizations. Your employees might post something on Facebook or Twitter and, depending on privacy settings, the data might leak to the world. Blogs, wikis, mashups, video sharing, and folksonomies present additional challenges.
Eight Data Security Time Bombs - Page 6
Cloud ComputingAs individuals tap into applications such as Salesforce.com, MobileMe and Dropbox, they share data across personal devices and systems, including smartphones and iPods.
Eight Data Security Time Bombs - Page 7
The Lowly SpreadsheetMany business operations, including finance, continue to worship the spreadsheet. Unfortunately, files often float freely from user to user and across company lines with few or any controls.
Eight Data Security Time Bombs - Page 8
PCI Compliance Over Wireless NetworksPayment card industry (PCI). Many organizations fail to update access points with security patches and some still rely on WEP encryption for their wireless networks, which doesn't measure up to current PCI standards. It's wise to exceed the PCI Data Security Standard.
Eight Data Security Time Bombs - Page 9
Four Tips1. Tighten up your procedures and policies2. Offer training 3. Look to third party solutions such as mobile content management, DLP and other endpoint tools, DRM, encryption, and malware protection. 4. Look for enterprise applications that provide the greatest level of security and central management capabilities.