By Nimish Chandiramani | Published Date: 01 - Aug - 2007 | Last Updated: 01 - Aug - 2007

It never gets old, but it does get tougher. Once again, we tackle the demon of data security, and with a bit of added paranoia.

It's like one of those nightmares where you're running with all your might, but don't seem to be moving much. No matter what we do to keep our data safe, there's always a new scenario to bother us all over again. Apart from making sure that your data is safe from the million things that could destroy it (read Disaster Proof Your PC, Digit, April 2007), there's also the matter of protecting it from unauthorised access, whether malicious or accidental. It was all nice and simple when everyone just had a workstation located within the office (even something as simple as double-locking the doors would work well as a security measure), but then things just had to get all complicated with laptops, mobile phones and what-not...

Refresher Course
If you haven't already, you need to take a few basic measures with data security before worrying about anything else. The first, and perhaps the most important, is employee education. Everyone in the office needs to know the importance of the data they're handling, and consequently how important it is that they keep it secure.

You'll most likely have a central server for storage. Make sure you've set up user authentication and rights so that people only have access to data they're allowed to access. It's also advisable to consider setting up a domain for your organisation; this will let you manage users and data better.

Safe On The Network
There's authentication, and then there's encryption. While plain old authentication will work fine on files that are within your purview, files that may make it to the wild won't ask anyone for authentication before they reveal their contents. Encrypted files, on the other hand, will always require a pass-phrase or some other form of authentication before anyone can read their contents.

If your file server is Windows-based, then using the NTFS filesystem makes this easier: it'll encrypt files and folders, and you can decide which users and/or groups have access to those files. However, something as simple as copying the encrypted file to a FAT32 hard disk can cause it to lose its encryption, which is not desirable at all.
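
The check below is an added example, not part of the original article: a PowerShell function that audits a copy after the fact and lists files that were NTFS-encrypted at the source but whose copies no longer carry the Encrypted attribute. The function name and the paths in the usage comment are hypothetical, and the destination is assumed to be on a local drive letter.

```powershell
# Added example (not from the article): report copies that lost NTFS encryption.
function Find-DecryptedCopy {
    param(
        [Parameter(Mandatory)] [string] $SourceRoot,       # folder holding the encrypted originals
        [Parameter(Mandatory)] [string] $DestinationRoot   # folder that received the copy
    )

    # Normalise both roots so relative paths can be computed reliably.
    $src = (Resolve-Path -LiteralPath $SourceRoot).Path.TrimEnd('\')
    $dst = (Resolve-Path -LiteralPath $DestinationRoot).Path.TrimEnd('\')

    # File system of the destination volume (NTFS, FAT32, ...), for the report.
    # Assumption: the destination is a drive-letter path, not a UNC share.
    $dstRoot = [System.IO.Path]::GetPathRoot($dst)
    $dstFs   = ([System.IO.DriveInfo]::new($dstRoot)).DriveFormat

    # Walk only the source files that carry the Encrypted attribute.
    Get-ChildItem -LiteralPath $src -Recurse -File -Attributes Encrypted |
        ForEach-Object {
            $relative = $_.FullName.Substring($src.Length).TrimStart('\')
            $copy     = Join-Path $dst $relative

            # Files that were never copied are skipped; only existing copies are checked.
            if (Test-Path -LiteralPath $copy -PathType Leaf) {
                $attrs = [System.IO.File]::GetAttributes($copy)
                if (-not $attrs.HasFlag([System.IO.FileAttributes]::Encrypted)) {
                    [pscustomobject]@{
                        Source        = $_.FullName
                        Copy          = $copy
                        DestinationFS = $dstFs
                    }
                }
            }
        }
}

# Usage with constructed paths (hypothetical):
# Find-DecryptedCopy -SourceRoot 'D:\Finance' -DestinationRoot 'E:\Finance'
```

Any row in the output is a file that now sits in plain form on the destination and should be removed from it or protected by other means.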

For good, all-round encryption for your company's data, you should opt for products from PGP (Pretty Good Privacy, www.pgp.com): they've got a host of products that will encrypt practically everything you want, from e-mails and instant messages to entire hard disks. You can also create self-decrypting archives which don't need PGP installed to use, so you don't have to compromise on security if you're sending data to someone who doesn't have PGP installed.

Protecting data on your network is relatively easy; there are worse problems to deal with now...

Safe On The Go
The profusion of portable devices that we deal with today may be great for professionals on the move, but horrifying for the soul in charge of data security. You never know when someone will forget a USB drive in the wrong PC or when a shiny new PDA will get swiped out of an unsuspecting pocket. With the coming of the BlackBerry and its contemporaries, even e-mail isn't safe on a lost phone. While you can't do much about retrieving the device, there are a few things to do that can prevent your data from being accessed.

The first thing (and this is a general rule for mobile phones) is to set a phone lock that asks for a code every time the SIM card is changed. You'll find this option under Security or Locks in your phone's control panel. For the really paranoid, you can set a phone lock that asks for a code every time the phone is taken out of its idle mode, though this can get profoundly annoying after a while.

You also need to monitor how information enters and leaves these devices. An always-on Wi-Fi or Bluetooth connection is an invitation to anyone looking for a victim, so in the interest of safety (not to mention a longer battery life), close all data connections when you're not using the phone.

Best Crypto encrypts files on your Symbian smartphone

The next thing you have to worry about is the removable Flash memory card. Chances are your phone has one, and SIM card locks are useless against anyone who chooses to pop the card out and read its contents using a card reader. Thankfully, you can get yourself products that will encrypt the data on your memory cards as well. The BlackBerry platform supports encryption out of the box (and there are plenty of third-party solutions too), but you'll have to install third-party software if you have a Symbian or Windows Mobile smartphone.

It's all very well to protect data that's in your hands, but what do you do when someone asks you to trust them with your data?

Safe Online
Back in November 2006, we looked at a multitude of online storage solutions for your business, to save on the cost of purchasing and maintaining backup servers and media. Many of them offer storage solutions for small businesses: as much as 50 GB of hassle-free storage can be yours for as little as $99.50 (~Rs 4,000) a year!

One of the more interesting services we've come across is IDrive-E; find its client on our July CD. It uses a familiar Explorer-like interface to back up your data to your online drive, and your data is always transmitted and stored in an encrypted format. It offers a host of other features, including a versioning system that lets you go back to any old version of a file.

If you've been considering using online office suites like Google Docs & Spreadsheets and Zoho, do remember that while they do guarantee privacy, documents aren't encrypted on their servers. This isn't especially worrisome, but we wouldn't recommend using these services for extremely critical documents.

It's never enough, really. Fiercely guarding your data can only go so far: there's always the element of chance, not to mention the fact that all your preventive measures depend on whether your employees follow them. More than anything else, make sure everyone in your organisation knows exactly what security measures are expected from them. Secondly, never underestimate the importance of securing mobile devices and USB drives, as they're most prone to accidental loss and theft; if necessary, limit their use to only non-critical data.

And finally, keep tabs on the latest developments in data security, and make sure you're prepared for the inevitable decentralising of office computing.
