| By Dirk Zwart |
Article Rating: |
|
| December 8, 2010 01:00 PM EST |
Reads: |
9,493 |
If nothing else, Julian Assange was an Internet pioneer for exposing things that otherwise would not have seen the light of day on such a large scale. There have been whistle-blowers and various documents made available to the press and courts in years past, but nothing on the scale and public availability of what WikiLeaks provided. Like opening a can of worms, the potential for copycat sites and rogue insiders trying to make money from stealing internal documents is now unfortunately a lurking reality. A leak of memos and internal reports on such a widespread public forum could be a crippling risk to any corporation if they were the next big leak.
Many of these leaks, like the one announced yesterday involving US Navy intelligence specialist Brian Minkyu Martin, are inside jobs and potentially the hardest to stop. For these, a combination of a “bullet-proof” security policy and a lockdown of anything that looks like a storage device plugged into a USB port could potentially stop many of the amateurs.
However, far more sophisticated cyber criminals are sniffing out electronic transfers without detection for the thousands of files transferred among businesses every day. Surprisingly, many companies are not taking the simple steps to verify that their data and other confidential communications is encrypted – until it is too late.
The question begs, how do we keep ourselves from being the next headline on a site like WikiLeaks? The answers are simple. Centralize your data management, limit access to only the individuals with a constant expressed “need-to-know,” and only transfer information securely whether external or even internally within your company.
One of the better secure file server tools on the market right now is GoAnywhere Services by Linoma Software. I’ve been able to test it on Windows, Linux, Unix (in a VMware environment), and even on an IBM iSeries. Not only was it fast and browser-based, but it provided many levels of role-based and credential-based access for users. The application also provided IP filtering and various triggers that alerted me to file movement and internal or external user activity. The secure file server can also be paired with a reverse proxy DMZ gateway and a managed file transfer application. I tried the managed file transfer application called GoAnywhere Director and was surprised how easy it was to automate, audit and centralize all the data transformation and transfer tasks I needed to do that day.
The notion I’ve been promoting in offices for years is that every file matters. Because of that belief, you need to develop a culture of data security where it is easy and almost fun to exchange information securely (Comrade, have you the microfilm?). Do not put yourself at risk for supplying a WikiLeaks site with their next headline. Remember that there is no compensation for unknowingly providing unsecure information to the masses. Thread an easy-to-use and effective secure file transfer system into the fabric of your data security plan today.
Subscribe to Web Security Journal Email News Alerts
Subscribe via RSS
