Industry View

Stopping Off-Network Losses: Practical Suggestions

Redemtech CEO Robert Houghton provides practical tips for robust off-network security.

By Robert Houghton, Redemtech CEO

Page 2

Beware logistics. Never, ever blindly rely on "LTL" carriers to transport data-bearing assets. Even reputable logistics companies are unaccustomed to providing the level of accountability needed for moving data. Require that your logistics companies fully participate in your defined chain-of-custody procedures. Data-bearing assets should be packaged in serialized tamper-resistant containersnot cardboard boxesor shrink-wrapped to a pallet. Each item should be scanned into its container. Each container should be assigned to a GPS-equipped truck, so that the location of every data-bearing asset is known at all times. It is common for logistics companies to transfer freight between lowest-bid line haul carriers, often multiple times, before a delivery reaches its destination. Require instead that data bearing assets stay within a single freight network to ensure that there is no break in the chain-of-custody. For greater security, and additional expense, trucks can be sealed at origination and delivered directly to their destination. Extremely sensitive shipments can be guarded in transit.

Verify data eradication. Field sanitization is no silver bullet. One logical response to off-network risks is to require that all data be eradicated before a device is moved. Good in theory, but in fact up to 25 percent of sanitizations performed in the field using conventional methods fail in some fashion. At a typical overwrite speed of 1Gb/minute, larger hard drives can require hours to complete, complicating the operational logistics of an on-site process, and making reliability even more difficult to achieve. Sanitization failures as a result of human error, hardware issues and software incompatibilities are inevitable; therefore, verification of results and a documentary audit trail proving verification for each hard drive is essential. These should be archived electronically to allow easy retrieval by asset number and/or by hard drive serial number should circumstances require. Inoperative hard drives must be physically disabled, and this operation should be recorded for each drive as well. Many organizations will balance the cost and risk of field sanitization against the risk of moving unsecured assets to a secure area for more efficient and reliable processing. With an accountable reverse logistics solution, onsite sanitization is often the more risky, and always the more expensive, option.

Measure what's important. Rudimentary governance is necessary to align all the moving parts of any organization for reliable off-network performance, yet the Ponemon Institute survey found that the large majority of companies did not enforce existing off-network security policy. At least measure the basics, such as chain-of-custody breakdowns, by recording all inventory variations. Measure losses of equipment, and record the time elapsed until recognition of the loss. Measure the reliability of data eradication through process metrics, and through forensic sampling. Each organization's unique operational procedures will require a slightly different set of metrics; whats important is to define what to measure, and who will be responsible for monitoring the data.

off-network security

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors