IronKey

Mobile Data Security Blog

Home  »  2013  »  February

by

Obama’s Executive Order and Critical Infrastructure Protection

The big news this week in cybersecurity was the Executive Order from President Obama regarding our nation’s critical infrastructure, a catch-all term that includes power plants, water treatment plants and a lot of other utilities and services that, if impeded, could impact our lives in significant ways.

Reading through the text, the Order mainly allows for information exchange between government entities tracking nefarious interests and the private organizations running the critical infrastructure those nefarious interests would aim to sabotage. Certainly, this sharing of data can only help. By learning what the government is hearing, the companies will no doubt be better armed to know where an attack might be coming from.

Perhaps the biggest positive result of the President’s move is that the spotlight is now on the issue of critical infrastructure protection, at least for the time being. And I think it’s easy for anyone to conclude that the executive order does not go nearly far enough in providing guidance or dictating rules so that the infrastructure can be best protected.

Critical infrastructure protection is a complicated beast, made ever the more complicated because of the changing nature of the workplace. As an example, we live in a world that is more and more mobile. Even the U.S. government is encouraging its agencies to support mobile work environments. But a mobile world introduces new attack vectors for those who wish to do harm, let alone the vectors that already exist in our interconnected computing environments.

It can be a daunting challenge to secure these environments. Organizations are being targeted through remote attacks and their employees are also being targeted as travelers so they bring back malicious threats into the organization. As we’ve seen on more than one occasion, employees at many organizations have inadvertently carried malware and other malicious software into their work areas and have accidentally installed that software onto IT infrastructure.

The security industry needs to give organizations an advantage over malicious software.  A comprehensive approach to cybersecurity will address these and other scenarios.

One place to start is where our IronKey solutions sit– providing secure, mobile workspaces that are centrally managed. This allows employees at any company, let alone those operating our critical infrastructure, to work in any environment without risking a security compromise.

Solutions that involve hardware encryption, encryption key management, and strong administrative and access management controls should be incorporated into any government-driven requirements for critical infrastructure IT systems.

by

The Mobile Worker – A Look Back and a Look Ahead

In 2011, there were approximately 1.3 billion mobile workers and this number is expected to grow to 1.6 billion by 2015, according to IDC.  And as the breadth of our mobile workforce expands, the opportunity for targeted data breaches is increasing exponentially as well.

The rise of the teleworker is a boon to business and government organizations. At the same time, the expanding mobile workforce is fueling the evolving threat landscape — Symantec’s 2012 Norton Cybercrime Report notes that cybercriminals targeting mobile devices and mobile vulnerabilities doubled from 2010 to 2011.  IT departments must find new ways to protect corporate data at risk of malicious penetration from the outside, and malicious or careless insiders as well.

So what does this mean for the IT department? A new generation of mobile workers needs secure, portable workspace environments, and secure mobile device control systems.

Here’s another look at our advice for IT departments managing a worker-on-the-go:

  • Staff need to be educated on the responsibilities of handling mobile devices and the data security risks
    Proper training has to be a major part of educating staff on how to use mobile technology in order to do their jobs without risking a data breach.
  • Implement secure computing solutions that allow employees secure access to what they need
    Teleworkers need to be able to conduct their daily business from any location and must therefore be equipped with hardware encrypted solutions with strong user authentication.
  • Provide a secure platform that locks down the host-computer
    As organizations continue to accept that mobile workspaces are extremely convenient and flexible, advanced centralized deployment and management are key elements of maintaining and controlling a secure environment.
  • Make it easy and convenient enough to avoid workarounds
    Mobile devices must act like the desktop an employee has left at their office otherwise users will inevitably break security protocols.

Employees and IT organizations should learn from the security-related mistakes of the past. Technological advancements to the ways in which we work will continue to evolve and while it is not something that we want to stop but we must leverage the lessons learned and be smarter about mobile safety.

by

Welcome to the New IronKey

IronKey™ is back, and bigger than ever.

Last October, I wrote about what it means for the IronKey brand to be a part of Imation. We’ve been working hard to retell the story of IronKey, and to expand our IronKey line to meet a wider array of secure storage needs.

You can see the first phase of the results in living color on the new IronKey.com, launched this week, where you’ll find the latest on our IronKey Workspace™ and latest high-security IronKey X250™ flash drives.

Over the next 90 days, you’ll see us further extending the IronKey brand to our Defender™ line of secure flash drives and hard disk drives. With their origins at Imation TM and MXI Security, these are some of the highest security drives available, and offer unique features such as biometric authentication. And look for new -products from us in the coming months to help you secure  your mobile workforce.

We hope you’ll find the new IronKey.com a richer experience that informs and inspires – and helps you more quickly get to the tools you need to safeguard your organization.  Let me know what you think of our new online home at imsblog@imation.com.