Celeram headerCeleram -- information acceleration and security

Information assurance banner

Information acceleration and security


How security breaches occur

There are two main ways in which sensitive data is compromised:

  1. Staff misusing procedures to access company records
  2. Loss or theft of backup tapes or devices containing sensitive data

The staff misuse of procedures can fall into several different categories:

  • Unwitting misuse – for example, letting someone else know your password
  • Malicious misuse – for example, staff using their legitimate passwords and permissions to access data which they do not need for their own work, then copying this data for unintended use
  • Defective process control – personnel having perfectly legitimate access to data which they do not need, but which they can later misuse
  • ‘Revenge attacks’ – usually carried out by disgruntled employees, ex-employees, or spouses. These involve people with all the necessary permissions accessing data with malicious intent

Other Considerations

In addition to the disruption to your business and the real financial losses that can occur from data being in the wrong hands. There is the issue of corporate governance and shareholder protections to consider. Particularly in the US the fiscal penalties incurred are extraordinarily severe as they have legislation in place such as Sarbanes-Oxley, Gramm-Leach-Bliley Act (GLBA), HIPAA, the Digital Millenium Copyright Act (DMCA), PATRIOT Act and more.

The loss or theft of data on laptops and memory sticks is generally a process control problem, with key data being placed in vulnerable situations from which it can be stolen. Policing of such devices is a very difficult issue to manage — employees may need to take data out of the office as part of their job. Until now all the organisation could do was ensure that correct procedures were followed with respect to physical security, password protection, etc.

Now there is a new way to secure data and your computing environment: ViSOS.