Pocket E-Guide. Sponsored By:




Pocket E-Guide: Data Encryption for Emerging Endpoints

Most organizations are asking the wrong question when it comes to encryption. Should I extend the same encryption practices used on laptops to other portable devices? The bottom line with encryption is that security controls should be driven by the sensitivity of the information stored on a device, rather than the nature of the device itself. In this expert pocket e-guide, featuring Mike Chapple, CISA, CISSP, learn the fundamentals of data encryption, why mobile device encryption is different and two available methods for encrypting data stored on highly portable devices.

Table of Contents: Resources from Sophos

By Mike Chapple, CISA, CISSP, Contributor

While it's hardly trivial, encrypting enterprise laptops has become a common exercise for users who store or interact with sensitive data. Combined with other best practices like strong authentication and standard antimalware defenses, diligent enterprises can effectively safeguard notebook computers like never before.

However, with the emergence of low-cost, highly portable devices, such as tablets and the upcoming iPad, a host of non-traditional notebook-like computing devices will be in use in the enterprise, requiring most to choose a data encryption method. As these devices proliferated over the past two years, many people asked the same question: Should organizations extend the same encryption practices used on laptops to these devices, or do cost, limited CPU resources and unique platforms mandate a different data protection strategy?

I have a standard answer when people approach me with that inquiry: "You're asking the wrong question!" Encryption is a data-centric security control; it prevents an unauthorized individual from gaining access to information, rather than protecting a physical device. There's nothing encryption will do to prevent someone from hacking into a system with an improperly configured firewall. It will, however, stop someone who gains access to a device from harvesting sensitive data.

With this point of view, the endpoint encryption question should be rephrased from "What devices should I secure?" to "What data should I secure?" Most organizations should have data classification policies that make identifying the sensitivity of information stored on each device easier. If a device contains sensitive data elements as defined by the data classification policy, it's vital to ensure that data is encrypted.

Mobile device encryption is different

Mobile devices in general (and the aforementioned highly portable devices in particular) present an additional challenge: They're much more likely to be lost or stolen than traditional computers. After all, it's much easier to forget a flash drive in a client's computer than it is to leave a laptop unattended. These highly portable devices deserve extra protection beyond security measures employed on laptops, as outlined below.

Consider available data encryption methods

There are two data encryption methods available for securing data stored on highly portable devices: purchasing devices with built-in security or adding security to the device by using software encryption. Both are effective options, but built-in hardware encryption runs faster and is less prone to user error.


Heightened awareness of portable device security issues has increased the demand for devices with built-in security and, over the past two years, manufacturers have introduced a number of products to help solve the issue. Major flash drive manufacturers, such as Lexar Media Inc. and SanDisk Corp., now offer encrypted devices that meet the government's stringent FIPS encryption standards. There are also high-performance device options, such as the specialized IronKey Inc. devices with fast, efficient hardware encryption or McAfee Inc.'s Encrypted USB Drives that incorporate both hardware encryption and fingerprint scanners to facilitate biometric authentication.

If specialized hardware that supports data encryption isn't an option, consider using software encryption that's either built into the operating system or added on with a third-party product. Here are a few examples:

- Microsoft Windows 7 includes BitLocker and EFS, which may both be used to secure data stored on hard drives.
- The free, open source TrueCrypt package provides a way to encrypt hard drives, flash drives and other storage devices in a transparent manner on Windows, Macintosh and Linux platforms.
- Many third-party compression utilities, such as 7-Zip and WinZip, offer built-in AES encryption that allows for easy and secure packaging of files for transport.
- The GNU Privacy Guard (GPG) package uses the OpenPGP standard to provide secure encryption for files.

A plethora of data encryption methods and options exist in the marketplace, so there's really no excuse for allowing sensitive data onto unencrypted portable devices.

Remember the fundamentals

The bottom line is that security controls should primarily be driven by the sensitivity of the information stored on a device, rather than the nature of the device itself. Highly portable devices, such as netbooks and flash drives, do pose an increased risk of theft, so as you would with notebooks, be sure to carefully consider whether you wish to allow sensitive data to be stored on them. Fortunately, there are a number of great data encryption methods and technologies out there to help safely store sensitive information on any device.

About the author: Mike Chapple, CISA, CISSP, is an IT security professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity.com, a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.

Resources from Sophos

Security Threat Report: 2010
How to protect your critical information easily
Not all malware detection is created equal

About Sophos

Sophos enables enterprises to secure and control their IT infrastructure. Our network access control, endpoint, web, email and encryption solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. We protect over 100 million users in nearly 150 countries.