Protecting your company's physical data is a must! With more and more Canadian companies allowing their employees to work from home on their “own” personal computers, or issuing them laptops, a huge security gap could be left open.
I personally believe that bringing work home is something all of us working in Canada do, but ensuring we take every security precaution is something I highly believe to be very lax.
Using a personal computer to log into your work Virtual Private Network (VPN) does not ensure the security of the files being transferred back and forth. The reason for this is two simple words: key logger. If a key logger is installed on your employee’s computer, it can record every keystroke, even the ones typed over secured connections, because it captures them on the machine itself before the VPN encrypts anything.
Educating your employees on security should be part of all employee training, and showing them how to scan their computers with free utilities is a no-brainer. I normally recommend that Windows users use Malwarebytes, Search & Destroy and AVG to scan their computers; also, for safe browsing, using Firefox with NoScript will ensure your employee does not get injected with malicious code from third-party websites.
Laptop Provided by the Company:
When providing a laptop to an employee, making sure there is a BIOS password can protect the laptop’s integrity but not its content. Removing the hard drive from a laptop is as easy as taking a screwdriver to the back of the laptop and pulling the drive out. The drive can then be read with a $10 USB <-> SATA connector, and the person who just robbed your employee or found the laptop has access to all of your company’s intellectual property, ready to be uploaded to the Internet.
When giving an employee a company laptop, I highly recommend encrypting the file system, as this will make it VERY VERY hard for a normal person to extract its data. I will not say it’s impossible, as technology changes all the time and new computer chips are being released every 6 months which are more and more powerful and could crack encryption, but most robbers will just format the hard drive, and once this data is formatted it will be gone forever as it’s been encrypted.
Encryption makes hard drive recovery impossible with any software-based recovery program, as all parts need to be intact. The only way to recover your company’s data would be to bring the drive to a hard drive specialist, and this will cost $1,000 a MG.
I normally advise all my friends to disable USB connections in their work computers’ BIOSes, as USB sticks are often lost and often infected with malicious data. Most malware writers attack USB sticks as they know these devices will be plugged into multiple computers as per their use, and it’s as easy as an unknowing employee adding a malicious worm to the network, which will then attach to its host computer and start sending all your corporate data to Eastern Europe or China.
Article written by Michael@Hack3rs