如果您的一个同事丢失了包含极其敏感的客户信息的USB闪存驱动器,会发生什么?它是否会导致恐慌,因为数据曝光和大规模罚款和恢复费用?或者您会放松了解数据加密,闪存驱动器受密码保护,如果它再次使用,您可以终止驱动器?如果是前案,请阅读,看看如何从“恐慌”转移到“放松”。
Imagine yourself in this position. It’s Monday morning, and your task is to go to your lead executive to let him know that an ambitious employee who wanted to get some work done over the weekend just reported that her USB flash drive was either lost or stolen from her desk. The drive contains downloaded medical and financial records for 1,200 patients with HIV, AIDS and other medical conditions. The data stored on the drive is not password-protected or encrypted and includes the patients' names, medical record numbers, billing codes, the facilities where the office visits occurred and other billing information. It also included the patients' Medicaid or Medicare numbers, which can indicate their Social Security numbers or those of their spouses.
什么方式开始一周,对吧?
不幸的是这种情况真的发生了。2008年7月,哈里斯县(德克萨斯州)医院区的管理员承认丢失USB驱动器with all thatsensitive information。她只是想在周末在家赶上她的工作,现在县部门有一个主要的数据违规 - 以及HIPAA违规 - 在手上。
可以在你的办公室发生这样的事情吗?很可能,是的。近年来,USB闪存驱动器具有增殖;他们的成本和便利使他们非常受到办公室工作人员的欢迎。你,你自己,你的桌面抽屉里有很少的少数人。我做。
SanDisk Corporation, a leading maker of those popular little USB flash drives, commissioned a study on the risks of unsecured flash drives.该研究揭示了一些不那么令人惊讶的洞察力:
* 77% of corporate end users have used personal USB flash drives for work-related purposes.
*最终用户报告的类型data most likely to be copied to a personal flash drive include customer data, financial information, business plans, employee data, marketing plans, intellectual property, and source code.
* 44%的企业最终用户表明他们的公司没有禁止将企业数据复制到个人USB闪存驱动器上的策略。
* 67% of corporate IT managers are implementing or have implemented policies as a result of a data/security breach in their organization.
It’s no secret that USB flash drives are a weak link in the data security chain. TheSanDisk Enterprise Divisionis addressing that weakness by working with a variety of partners in the SanDisk Enterprise Solutions Technology Alliance (SESTA).
Formed in September 2007, SESTA now includes at least 25 leading security vendors, including CheckPoint Software, McAfee, RSA, VeriSign and a host of other companies. The purpose of SESTA is to develop solutions that close the backdoor that leaves enterprises vulnerable to risk and non-compliance. The result is that SanDisk now offers flash drive products that offer security at multiple tiers, including hardware-based data encryption, password protection, anti-malware detection, strong authentication, and central management.
SanDisk拥有一系列企业产品,具有安全解决方案的SESTA合作伙伴,内置于USB闪存驱动器中。公司可以选择最适合其组织风险的产品:
*SanDisk Cruzer Enterprise是一个密码保护的USB驱动器,它对所有文件中的强制性访问控制Imp,请将其存储在硬件加密的密码保护的分区中。这在驱动器丢失或盗窃时确保所有存储的数据。
* SanDisk Cruzer EnterpriseSecure USB使用McAfee恶意软件保护also includes automatic, device-resident malware scanning, which helps ensure that the USB flash drives and the corporate networks with which they connect are free of malicious code. This device leverages the capabilities of the McAfee scan engine to automatically detect and prevent USB-borne threats.
*Sandisk Cruzer Enterprise FIPS版includes FIPS 140-2 level 2 certification for encryption. Rather than rely upon users to secure files, this device imposes mandatory access control on all files, storing them in a secure partition that implements the strongest 256-bit hardware-based AES encryption.
*Central Management and Control(CMC)is a management console for the Cruzer Enterprise flash drives. CMC allows for tasks such as initial user-deployment, password recovery, data backup and drive termination. CMC provides continuous enforcement of company policy, tracking and monitoring activity beyond the corporate network.
*SanDisk Cruzer Professional是USB闪存驱动器,它包含不需要通过中央管理和控制台管理的安全措施。功能包括强大的基于硬件的加密(256位AES)独立于操作系统;受密码保护区的敏感文件;和设备锁定模式预设的密码尝试错误。
这些USB设备提供了一个安全的替代方案,可以完成关闭公司内的USB驱动器。他们为员工提供运输数据的能力,而是以安全和控制的方式运输。然后,如果闪存驱动器丢失或被盗,则很少有人担心可以访问数据。