The People Factor
1. Rogue Employees: According to the 2006 annual CSI/FBI computer crime and security survey , insider breaches are amongst the biggest problems and sources for loss of data/sensitive information. Rogue Employees have access to sensitive data and information stored on the company intranets, mail, email etc and it has become very easy for them to walk out with such information using a small thumb drive in their shirt pocket. This applies to terminated employees too who might be tempted to carry out corporate secrets and maybe even sell them
Solution: As mentioned earlier, employ strict access controls over your company intranet and restrict access to shared network drives besides logging every visit. With respect to data, depploy Honeytockens. Honeytokens are honeypots that are not computer systems.Honeytokens can exist in almost any form, from a dead, fake account to a database entry that would only be selected by malicious queries, making the concept ideally suited to ensuring data integrity—any use of them is inherently suspicious if not necessarily malicious. In general, they don’t necessarily prevent any tampering with the data, but instead give the administrator a further measure of confidence in the data integrity. For more information on honeytokens, read this excellent article on SecurityFocus.
2. Third party contractors/Temp Employees : These sources have access to critical information within a corporation. While the need for trust is very important, make sure you put the necessary checks and balances in place. Handing off data to a contractor is always going to be a leap of faith. Restrict the information you might be sharing with them and make sure you put those NDA’s in place.
3. Documents(MS Word, Adobe PDF): The MS Word and Adove PDF documents are complex data formats which contain lots of information, images , data along with the meta data all mixed together. PDF provides excellent portability and remember converting a word document to PDF does not remove all the metadata. Corporations employ redaction of text and diagrams which is covering text or diagrams with black rectangles. While redaction is good for hardcopies, they are absolutely worthless for softcopies.
Solution: If there is a need to send/deploy/distribute a softcopy of a document, manually copy the contents that need to be distributed to a new doc file, review and delete sensitive test, tables, images. Also, turn off track changes in MS word, comments and other visible markups. Also, when converting a doc to pdf format, check your Adobe Distiller settings where you need to uncheck “Convert Document Information”. For more information and detailed procedures on redacting with confidence, check out this article from the National Security Agency