Internal Business Security



While most people are rightly concerned about their business security when it comes to DoS attacks, viruses, worms and other high-profile attacks, many have completely ignored the inside threat that may result in loss of corporate data. The result of this could be more catastrophic than network downtime. One of the best practices of business security is the principle of least privilege. Here, rather than giving all users access to business information and restricting only what you want to remain confidential, it works the other way round: you restrict everything and allow access only to what users need. Implementing this principle should, however, be accompanied by strict rules that penalize policy violations. For example, ensure that employees understand that emailing a business document, even to a home computer, is a clear violation of rules that prohibit copying documents, just like using a USB drive. Word your policy well and enforce the least privilege principle.

Business security will unfortunately result in restrictions that may seem unnecessary. If you are using a Windows network, set permission and audit restrictions on NTFS-formatted drives to take advantage of the built-in security. For example, you may find it necessary to give other users Read Only permissions on information that is updated by you alone, so that they cannot modify these files. Encrypting business data can also be done effectively on NTFS-formatted drives. In fact, encrypted files can be shared across a network and accessed only by users who have been authenticated to use these files. Encryption prevents data from being accessed even when the computer is physically stolen or moved out of the office.
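The permission and audit settings described above can be applied to a shared folder with PowerShell. This is an added example, not part of the original article; the folder path and the two CONTOSO account names are assumptions to replace with your own.

```powershell
# Added example: least-privilege ACL plus auditing on an NTFS folder.
# Assumed names (not from the article): the folder path and both CONTOSO accounts.
# Run from an elevated prompt; editing the audit list requires administrative rights.
$Path    = 'D:\Shares\Finance'
$Owner   = 'CONTOSO\finance.manager'   # the one account that updates the files
$Readers = 'CONTOSO\Finance-Readers'   # everyone else who needs to read them

$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$none    = [System.Security.AccessControl.PropagationFlags]::None

# Load the current security descriptor, including the audit list (SACL).
$acl = Get-Acl -Path $Path -Audit

# Restrict everything first: stop inheriting from the parent folder
# and drop any explicit grants already present.
$acl.SetAccessRuleProtection($true, $false)
foreach ($rule in @($acl.Access | Where-Object { -not $_.IsInherited })) {
    [void]$acl.RemoveAccessRule($rule)
}

# Then allow back only what each identity needs.
$grants = [ordered]@{
    'NT AUTHORITY\SYSTEM'    = 'FullControl'      # backup and system services
    'BUILTIN\Administrators' = 'FullControl'
    $Owner                   = 'Modify'
    $Readers                 = 'ReadAndExecute'   # read-only for everyone else
}
foreach ($id in $grants.Keys) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $id, $grants[$id], $inherit, $none, 'Allow')
    $acl.AddAccessRule($rule)
}

# Audit failed write, delete and permission-change attempts by the read-only group.
$audit = New-Object System.Security.AccessControl.FileSystemAuditRule(
    $Readers, 'Write, Delete, ChangePermissions', $inherit, $none, 'Failure')
$acl.AddAuditRule($audit)

Set-Acl -Path $Path -AclObject $acl

# Review the result: every remaining entry should be explicit (IsInherited = False).
(Get-Acl -Path $Path).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited
```

The audit rule only produces Security log events when object access auditing is also enabled in the machine's audit policy.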

Business security is challenging, especially if you run the risk of data being copied using removable media. So what can you do to restrict users from copying data? One crude method is to disable these ports and drives or physically block access to them. A more professional way, however, is to use software to disable, say, USB drives. In Windows Vista, removable media, which includes USB devices and CD/DVD burners, can be restricted through Group Policy. Third-party products like Portable Storage Control can also be used if you are using Windows XP or another operating system.

To prevent data from being sent out of your network, you need to set outbound rules on a firewall. A firewall can block P2P software, keeping business data from virtually walking out of the door. Keep looking for ways to improve your business security; closing each loophole you find could ultimately save your business.
