Secure Systems
Add an article Back to list
Most company directors use laptops or netbooks to keep data available when
away from their offices, but many do not have any sort of security installed.
Most will have anti virus software installed and many will have a password to
log-in. A few will have basic systems in place to prevent data being exported
to a memory stick or CD. Some may even have encrypted files.
The main security should ensure that the machine is physically secure. i.e.
not left unattended.
The second level must include a secure log-in procedure, i.e. a complex
password system, changed regularly.
The third level should ensure that any sensitive data is protected by a
second level of security. i.e encryption or second factor authentication.
One of the best methods is to have the laptop as a dumb terminal, holding no
data and used to access data in the cloud or on a company server. This does
however require a secure internet connection. i.e https:/ but today the loss
or corruption of data can have very serious consequences.
My own laptop is kept in a secure location; it has a steel cable attaching it
to an immovable object when out of my sight. I use two levels of password and my
sensitive data drive is fully encrypted.
I know that a good hacker could get round all my security but I have made it
less attractive. There is a balance to be made; really tight security means it
is difficult to do anything; too lax and it is possible to lose or compromise
data. Somewhere in between must be the aim.
About the Author
Chris Eden FIBC, MISSA, ACQI is a director of Quality Matters Limited an established independent management consultancy based in Essex, UK which specialises in ISO27001 Information Security Management consultancy.
