REGISTER

email 14 48

The 80/20 Rule for Information Security

Details
Parent Category: News:
Information Security

Article Index

Page 14 of 14

Project 13: Deploy Rational Cryptography

Deploying cryptography is a must. All sensitive data should be encrypted while at rest and in transit. Particular attention should be paid to laptops and mobile devices.

Data is often compromised when these devices are lost or stolen. With laptop theft on the rise, encrypting their hard disks is the best way to prevent data compromise.

Laptops aren't the only devices that need proper encryption. All workstations and servers should have appropriate encryption and key management.

Sensitive data should be encrypted in transit by utilizing Secure Socket Lay (SSL) for web applications both externally and internally.

A variety of acceptable options exist for secure email transmission. Utilizing Pretty Good Privacy (PGP) keys or x509 certificates are an effective solution for secure email.

This project is saved for last due to the amount of complexity required to implement and maintain. Organizations should select common, well-known key management software that is appropriate for their environment.

Most organizations deploy a solution, but fail to properly maintain the keys. Ensure adequate training is provided to your IT staff on key maintenance and reinforce their training with appropriately documented procedures.

Putting It All Together

Chances are some of those projects are already in place in your organization. Perhaps some of them are fully implemented while others are only partially complete.

Now that you have a starting point, feel free to use this as a guide to review your current initiatives and their progress.

You will find some of these you can do with your current team and others you may want to engage MSI as your security partner.

We can work with you and your team to review your current security posture and provide you with a roadmap custom to your organization.

From this road map you will end up with a set of projects and the next steps to building a strong information security plan for the future.

Copyright, 2010, MicroSolved, Inc., Columbus , OH - all rights reserved. Article Source

NEWS & PR

CyberBanner

Log in Register

Please Login to download this file

Username *
Password *
Remember Me

CyberBanner

CyberBanner

Go to top