- Chinese Internet censorship: An inside look
- Desktops of the future here today
- What network CEOs really make
- DoD sold counterfeit network gear
- Sci-Fi's goofiest gadgets and technology
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
A missing computer can result in compliance and confidentiality issues that can be very costly to an organization. This paper discusses the strong relationship between computer theft, regulatory compliance and data security, and examines how IT professionals can protect mobile information by implementing a multi-layered network security approach comprised of various policies, procedures and asset tracking strategies.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
Watch Raven Zachary, Research Director for Open Source at the 451 Group, an independent IT analyst firm, discuss the emergence of enterprise Linux and the role of Oracle Unbreakable Linux support.
YES! I am all of these things: geeky, guitar player and a girl.
www.myspace.com/tawneekendall
not...- Tawnee Kendall
Security officials are issuing USB flash drives to workers in the state of Washington's Division of Child Support as part of a new security procedure established to eliminate the use of non-approved thumb drives by workers collecting and transporting confidential data. (Compare Data Leak Protection products)
The state has so far distributed 150 of 200 SanDisk Cruzer Enterprise thumb drives to unit supervisors in the division who manage collections teams in 10 field offices, said officials.
Brian Main, the division's data security officer, said the new drives promise to help officials keep better track of mobile data by integrating them with Web-based management software that can centrally monitor, configure and prevent unauthorized access to the miniature storage devices.
"We do periodic risk analysis of our systems and one of the things that came up is the use of thumb drives -- they were everywhere," said Main. "We had a hard time telling which were privately owned and which were owned by the state." He also said that officials had a difficult time keeping track of what data was stored on the workers' thumb drives.
Main said the division plans to manage and backup the new drives using SanDisk's Central Management & Control server software, which will soon be installed at the division's HQ in Olympia. The software, which relies on a Web connection to directly communicate with agents on the tiny flash drives, can also remotely monitor and flush any lost drives, he said.
Each field office will run a copy of the software to handle localized management needs, he said.
Officials in the division's training operations will get Cruzer Enterprise devices with 4GB of memory to store large-sized presentation and screenshots. Enforcement personnel will get devices that store 1GB, Main said.
Main said the division first looked at Verbatim America's thumb drives in its effort to improve security, but ultimately turned to the SanDisk technology due to its support for Microsoft's Windows Vista operating system.
Cruzer Enterprise provides 256-bit AES encryption and requires users to create a password upon activation. The device automatically deletes all of its content once 10 efforts to access its content are denied due to the use of incorrect passwords. Main said the self-encrypting capability was removes the "human component" from managing confidential data, a key feature for the agency.
The Division of Child Support collects about $700 million per year in child-support payments form non-custodial parents. The agency, part of the state's Department of Social and Health Services, manages 350,000 active child support cases annually, noted Main.
Sensitive data transported by off-site workers includes tax documents, employer records, criminal histories and federal passport data of some agency clients, Main said. At the least, he noted the drives include names, dates of birth and social security numbers of children serviced by the agency.
The state began rolling out the Cruzer drives late last year after recalling the thumb drives used by workers. Most were purchased independently by the workers, causing myriad problems for security personnel, Main said. The new policy requires workers to use the drives supplied by the agency. Main said he eventually plans to destroy all existing thumb drives collected as part of the security policy change.
Most companies are too enamored with the convenience, portability and low cost of USB flash drives to consider their security threat, said Larry Ponemon, chairman Ponemon Institute LLC, a Traverse City, Mich.-based research firm.
"I think a lot of organizations are asleep at the switch. They don't see this as a huge problem and it obviously has the potential to be mother of all data protection issues," said Ponemon. "A lot of organizations believe if you have a good [security] policy and you educate people and ask them to be good that's sufficient. The reality is thumb drives create a lot of uncertainty because they contain enormous an amount of information."
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
