Lessons from WikiLeaks – 3 Network Security Practices Every Company Should Have in Place

by Michael Anderson

December 10, 2010

  • This field is for validation purposes and should be left unchanged.

The exposure of thousands of classified documents by whistleblower website WikiLeaks has been dominating the news lately.  While it’s unlikely that your organization is trading military secrets, we believe there are lessons that companies of every size can take away from the WikiLeaks story.

Here are 3 (low cost) security practices that every company should have in place:

1. Have an Acceptable Use & Non-Disclosure Policy for Employees

We’ve written on this blog before that your company should have an Acceptable Use Policy – WikiLeaks reinforces the point.

Today, the Pentagon banned the use of all removable media on their networks in an effort to prevent future data breaches.  While such reactive measures are clearly warranted in this case, companies should give consideration such issues before they arise.

Your policies should include clearly defined guidelines on items such as:

  • The removal of company and/or client data from the work premises
  • Remote access to corporate networks
  • What information can / cannot be communicated via Email
  • What information can be shared vs. what information is considered confidential

Acceptable Use and Non-Disclosure agreements work to protect sensitive company information whiled setting clear expectations around appropriate use by employees.

2. Conduct Regular Reviews of Folder Permissions

Companies should conduct a regular review of folder permissions on shared network drives to ensure that access rights are current and correct. As files get added, it is easy for sensitive information to get saved to unsecured network locations, exposing the information to unauthorized users. If you are running a Windows Server, there are tools available for conducting audits of file & folder permissions.

3. Have a Defined Data Protection Process for Employee Departures

A recent study indicated that 30% of departing employees would take company data with them.  It is essential that companies have a well-defined process for dealing with departing employees, and re-securing their data and networks. This process should include documented access rights, and required password changes upon departure to close any potential access points.

This isn’t groundbreaking advice by any means, but WikiLeaks is as good a reason as any for every company to reevaluate their security practices, and consider simple changes to better secure their corporate data and networks.

If you would like some expert advice on implementing security measures in your business, Ask Us – we’d love to help.

Categories

Recent Posts

Social Sharing

Worried about your IT costs?

Almost any IT problem we encounter can be classified within 5 different areas – we call them the ‘Big 5’ IT Worries. Do you want to learn how much the ‘Big 5’ IT Worries is costing your business?

Imagine if you didn't need to worry about the cost of each problem. Or better yet, if there was support in place to prevent the problem from occurring in the first place. Small to mid-sized businesses aren't often able to employ an in-house IT department, but with support from 365 Technologies, you're covered as though you had one.

Wait, before you leave,
Request your free consultation.

Click the link below to more learn more about how 365 can deliver Worry-Free IT to your business.
Request Free Consultation