Do you know if your employees are misusing corporate equipment? Cisco Tuesday issued a report that it commissioned which revealed some common data loss mistakes, including employees altering security
settings on computers to incidents of employees accessing unauthorized parts of the company (as happens in China). Go here for the top 10 ways collaboration, mobility amplify data leakage dangers.
Cisco recommends the following practices for preventing data loss:
* Know your data; Manage it well: Know how/where it's stored, accessed, used.
* Treat data as if it's your own - Protect it like it's your money: Educate employees how data protection equates to money earned and money lost.
* Institutionalize standards for safe conduct: Determine global policy objectives and create localized education tailored to a country's culture and threat landscape.
* Foster a culture of trust: "Employees need to feel comfortable reporting incidents so IT can resolve problems faster," Stewart said.
* Establish security awareness, education and training: Think globally, but localize and tailor programs for regions based on threat landscape and culture.
More from Cisco Subnet:
* DMVPN: How this Cisco IOS technology can help cut 70% off your corporate phone bill, Part 1
* Cisco's $1,000 consumer-grade TelePresence to be launched at CES in January
* Is Cisco the Madonna of networking?
* Drive-by hacking; A story from the field
* Cisco targets packet shaping market with Application Performance Assurance module
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
The Cisco Subnet blog is the official blog of the Network World Cisco Subnet community, managed by Editor Linda Leung. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
(WAN community)The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.
|
|
What about smartphones?
After reading the results of the Cisco survey I wonder if the real security and data leakage problems for IT shouldn’t be more obvious. IT is very adept at protecting sensitive corporate information on laptops and desktops, but they are overlooking smartphone devices. The iPhone, and others like it, are no longer just about accessing email – they are more akin to laptops than they are to the mobile phones of yesterday. Behaviorally, users find these devices “cool” and convenient since they converge work (i.e. Exchange email) and home (i.e. pictures, music, Facebook, Gmail). More worrisome for IT is that these advanced phones are easier than ever to purchase. Now, unbeknownst to many IT administrators, employees are swapping out corporate-issued devices for their smartphone of choice and configuring them to access email and other corporate resources just like they would with a laptop. CIO’s need to address this critical issue now by instituting safeguards and controls for smartphones just like they would the laptop. The first step is determining how users are accessing their network and email applications and then securing those devices while firewalling out those that won’t comply with the CIO’s policies.
Suggested Best Practices
I looked at the Top 10 items and offered my preferred countermeasures.
http://www.securitynowblog.com/security_applications/10_enterprise_data_leak_causes_remedies
Post new comment