Security best practices for protecting sensitive data
TechStriker
Member Posts: 131
I am researching security best practices for protecting sensitive data for mobile employees using company laptops. I would appreciate it if you could point me in the right direction, i.e. white papers, resources, websites, etc.
Passed SNIA - SCSP
Working on VCP4
Comments
Chris:/* Member Posts: 658
NIST suggestions:
http://csrc.nist.gov/publications/nistpubs/800-111/SP800-111.pdf
SANS Reading Room:
SANS InfoSec Reading Room - Best Practices
Degrees:
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology

JDMurray Admin Posts: 13,091
If you already have backup/restore and encryption on your laptops, and the company uses only BlackBerry and BES for mobile communications (including laptop's connection to the Internet), you are definitely doing the right things.
If you need official guidelines to convince your business owner to spend the $$$ for security, find out what organizations your employers respect (Microsoft, Symantec, DoD) and search for guidelines and white papers from them. Like Chris:/* said, the NIST docs are a good place to start:
http://csrc.nist.gov/publications/nistpubs/800-111/SP800-111.pdf
http://csrc.nist.gov/publications/nistpubs/800-114/SP800-114.pdf
http://csrc.nist.gov/publications/nistpubs/800-69/SP800-69.pdf

Chris:/* Member Posts: 658
As JD mentioned, full disk encryption is a must. If the laptops are allowed to be used in wireless hotspots, VPN solutions and EAP products should be looked into. Many companies are also looking into laptop "lo-jack" type products in case a laptop is stolen or misplaced.

TechStriker Member Posts: 131
Thanks guys, these are great reads to get me going. We have deployed encryption but are still looking into backup/restore in a laptop environment. I have been tasked to analyse data threats on mobile devices, i.e. (data leakage, users transferring data to their home computers), and recommend best practices/guidelines to mitigate these risks.

JDMurray Admin Posts: 13,091
The backup/restore is the most important thing for disaster recovery. If an encrypted hard drive gets an unrecoverable sector error it won't be decryptable when it starts, and the only thing you will have are the incremental backups previously made from the disk.
If you are using BlackBerrys on a BES you can set policies about what devices they can/can't connect to. You can also auto-wipe any BB that is lost/stolen. Always require an access password on every mobile device. BBs have AES-256 encryption and are the most secure mobile phones; Apple iPhones are among the least secure.