Privacy: Security pros should practice what they preach

Shawna McAlearney, News Editor

Security professionals should practice what they preach, and many don't when it comes to privacy.

Calling privacy "a neglected area" in information security, expert Sarah Gordon said security professionals need to set an example by taking advantage of technical and policy solutions that can help mitigate risks to corporations.

In analyzing a recent survey conducted by her company, Gordon, a Symantec senior research fellow, found that a surprisingly large number of security practitioners fail to encrypt sensitive materials.

Requires Free Membership to View

A primer on encryption
This tip is excerpted from the Microsoft 2000 Security Handbook by Jeff Schmidt and Dave Bixler, published by Que.

The majority of the 154 surveyed in the United States, United Kingdom and European Union failed to encrypt data on the hard disk (85%); don't encrypt all e-mail messages (98%); and don't even encrypt sensitive e-mail messages (62%).

Gordon noted that failure to take steps to protect this information could easily cost companies money through the loss of intellectual property, particularly when e-mail and attachments pass through many points with potential eavesdropping prior to reaching their destination. Other consequences could be the loss of time, work and credibility.

Gordon's advice to enterprises is standard. Encrypt this information to protect it in transit from prying eyes, and from theft by Trojans and malicious code on the hard drive.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: