File security news

Effective security policy

Mon, 20 Jun 2005 15:38:44 +0400

Effective security policy

An approach to information security has changed radically for the past decades. To protect confidential information assets, the company now needs a comprehensive security policy.

Information is an essential element of overall business activity

Information security has always been essential for any organization. In the past it involved accurate storage of the documents and securing the physical archive. Nowadays, this process has been virtualized. All records of business activity are stored in electronic form. Besides, most companies manage a corporate network, typically open to the internet, which makes it much easier for the attacker to gain access to confidential corporate information.

Implementing security policy

Information security policy is an essential tool to protect information within a company. Any security policy consists of three elements: people, processes and technology. It should be noted that information security does not depend primarily on the scale and efficiency of the technology employed. No matter how intelligent and sophisticated the technology is, it is still subject to the whims of users. A corporate security policy should take into account the current business procedures and not constrict the ability of the employees to carry out their everyday tasks by introducing overly complicated security systems.

It�s much harder to change human behavior than it is to install data security systems. According to research of the most common security incidents, security dangers are usually totally predictable and have nothing to do with esoteric arts of the most skilled hackers or some cunning exploit. Network vulnerabilities typically abused by attackers are quite commonplace and can be easily identified and fixed. Most security attacks involve �social engineering� or insider abuse. Employees at the company may incidentally disclose passwords in an email, through instant message system, or simply put passwords down on paper and keep them at his or her workplace.

To protect information effectively, the security policy should answer the following questions. First of all: What information should be protected? It is useful to create a multilevel security system, setting various levels of protection to different types of documents. The policy should also take into account where the information will be stored. Without a comprehensive security policy, the company can lose track of some confidential documents and files, or store multiple copies of the same documents in different �corners� of the corporate network. Naturally, it increases the risk that the information may be compromised. To keep track of all the valuable information in the corporate network, the company can use specific software solutions.

The security policy should also answer the question: Who is going to have access to the protected information and who is not? Effective corporate information security should maintain confidentiality, integrity and availability of the information.

Security policy helps reduce security risks

Information security is one of the most critical issues of the present-day business management. To protect its information assets, a company needs to work out a comprehensive security policy. Effective security policy must address two principal problems: classifying the confidential information and identifying the users of the confidential data.

Find Protected is an utility to force Password Security policy

With our Find Protected program you can force the Password Protected Information Security Policies in your company.

Password policy and audit

Tue, 05 Jul 2005 00:40:22 +0400

Good password policy may greatly enhance the level of information security within an organization. To ensure the password policy is implemented by employees at all levels, password audits should be performed periodically.

The basis of securing your network is to make sure you use strong and secure passwords

Mon, 04 Jul 2005 01:11:32 +0400

The basis of securing your network is to make sure you use strong and secure passwords. This is the so called �first line of defense�, and it�s often the weakest link in the chain. If someone can guess your password, they can impersonate you on the network and get to everything you have access to. Even worse, a hacker can use your password to try to �escalate� his level of access and possibly take over the whole network.

The need to ensure any IT defense mechanisms should NOT jeopardize staff or customer

Mon, 20 Jun 2005 15:37:54 +0400

The security issue is how to make information safe when a user's personal data is being transmitted outside the company walls. Several years ago, it was just individual hackers messing around: it was a pain but it wasn't dangerous. Now we have consortiums of hackers who are paid to get information.

Companies need to work out a coherent security password policy

Mon, 20 Jun 2005 15:38:44 +0400

Companies need to work out a coherent security password policy and insist that employees use secure - but memorable - passwords, with a lock-out policy stopping repeated wrong password entries.

Combating the crooks requires a holistic approach to data security

Mon, 20 Jun 2005 15:37:14 +0400

The new consistent approach to information security includes creating more secure online access methods, better customer authentication, hiring dedicated data security staff and improving the way large amounts of data are stored or moved.

Information security policy elaboration with mind map

Fri, 10 Jun 2005 14:32:48 +0400

Nowadays information security is a big challenge for most organizations. Threatening inside the company multiply outside threatening from hostile information environment. Developing information security policy is the first step of organization to manage its' risks and safety. Developing a policy is a difficult process and mind mapping can help.

Why is it so hard for people to remember strong passwords?

Wed, 08 Jun 2005 21:06:56 +0400

Password protection issues are very much indicative of what happens when a technical requirement runs afoul of basic human tendencies and capabilities. Sometimes it seems that every website, network area, application, and even every computer requires us to enter a user ID and password.

Simple Password Policy

Sun, 05 Jun 2005 13:26:09 +0400

Here are some suggestions on how to handle all of your passwords: It maybe wise to use different type of passwords, depending on the importance of protected information.

Using SSN as passwords caused identitity theft

Thu, 09 Jun 2005 21:40:49 +0400

Jackson Community College''s computer system security was breached by a hacker who may have downloaded encrypted passwords

Put policies before products in IT security battle

Sat, 04 Jun 2005 21:09:21 +0400

Education has to be directed to IT security staff so they can more effectively manage the technology already in place. The view within enterprises is that more dollars will solve security problems, but it is really about implementing and maintaining the right policies.

Human component in security issues

Fri, 27 May 2005 19:55:12 +0400

Most identity management failures aren�t due to technology glitches. Instead, the most common security issues seem to result from how people interface with this technology. Here are some most frequent problems of confidential data management.

USB drives and data leakage

Thu, 26 May 2005 15:31:41 +0400

USB flash drives have become as common as CD burners in most organisations. However, these drives can also be a tremendous source of data leakage from an organisation''s network.

The Sober-N virus is used to obtain sensitive financial data

Sunday,May 15,2005 21:56

The Sober-N virus, which is responsible for roughly 80 percent of all virus reports and 5 percent of all global e-mail volume currently, is a fine example that viruses are used increasingly to obtain personal information and access to bank-account numbers, passwords and other sensitive financial data.

More about file security at findprotected.com

Data leaks highlight complexities of electronic documents

Sunday,May 15,2005 21:57

The U.S. military command in Baghdad produced a report in Portable Document Format, or PDF, and posted it on the command's Web site Saturday. The users should realize that it's always a bad idea to email sensitive electronic documents or place them on a web site. Generally, when you release documents electronically, they have to be scrubbed with certain tools or procedures.

More about file security at findprotected.com

Companies need to work out a coherent security password policy

Mon, 20 Jun 2005 15:38:44 +0400

Companies need to work out a coherent security password policy and insist that employees use secure - but memorable - passwords, with a lock-out policy stopping repeated wrong password entries.