Encrypt This
Help protect sensitive business information
In May of 2006, an analyst with the U.S. Department of Veterans Affairs was robbed of his notebook. Names, dates of birth, Social Security numbers and health records of more than 26 million military veterans and their spouses were "safely" saved on its hard drive.
Panic spread. What if thieves could access the sensitive information? It was a security breach of massive proportions. Fortunately, the notebook was recovered in June and tests suggested thieves had not accessed the personal data.
The U.S. Department of Veterans Affairs learned its lesson the hard way, prompting it to spend $3.7 million on encryption software for all of its computers, handhelds and storage devices.
"It's absolutely vital for any business, no matter the size, to encrypt its files and folders with high levels of protection," said Kumi Takasumi, Dell product marketing manager. "A company's core values are in its data. Losing any of it can be devastating and in many cases result in risking the livelihood of one's business altogether."
Securing your small business just involves a few simple steps and the investment is well worth it, Takasumi added.
Read on to learn the basics of encryption and authentication, plus find out how small businesses can help protect valuable assets.
What is encryption?
Encryption is a means of encoding data into an unreadable series of characters with a secret key or password, making it secure for transmission. The encryption software scrambles data from a person's system so that an unauthorized user is unable to read the information. For example, if your notebook is lost or stolen, the information on the hard drive cannot be decoded and read without the correct key. Also, depending on the application, you might have the choice to lock out the user after a certain number of tries or even wipe out the data altogether.
Why would a small business need encryption?
Whether it is a business owner's customer data, employee data, intellectual property or non-public financial information, losing any of this data can be devastating. Stolen data can jeopardize a company's finances as well as tarnish its reputation. A small or medium business needs to ensure its business is secure and complies with privacy laws to not only assure safe transactions for its customers, but also to assure the privacy of its employees.
There are several different types of encryption. Could you explain the general differences?
Basic file/folder encryption allows the user to determine if a file should be encrypted or not, and can be used on an individual basis for encrypting personal files. For instance, the user determines who has access to the files/folder. Those without access will not be able to open and read the file or folder. Encryption is designed to make files only accessible to the one who had them encrypted.
Full disk encryption and intelligent file/folder encryption take the encryption decision entirely out of the user's hands. Full disk is more comprehensive and encrypts the entire disk, including operating systems and files. Intelligent file/folder allows the IT manager to pick applications and/or extensions to encrypt. Both of these types of encryption can meet certain regulatory requirements.
The decision to encrypt some or all of your files depends on the industry. A small business owner needs to assess how sensitive its data is and then determine the right route for protecting that information.
What are some simple measures a small business owner can take to provide information security to its sensitive data?
There are several simple steps a small business can take. The first level of defense is to have good password processes. Create passwords with special characters that are more difficult to guess at and change passwords on a regular basis.
Another simple step would be to invest in a software solution. Microsoft Windows XP editions offer encrypted file systems that allow a small business owner to select any file or folder and encrypt the data. Also, select Dell™ systems are shipped with Wave Embassy Trust Suite, an integrated security solution that offers file/folder encryption secured by a trusted platform module or TPM. A TPM is a security chip that sits on the notebook and basically provides an extra layer of security.
How does encryption differ from authentication?
Encryption and authentication work hand-in-hand. Encryption helps protect the data at rest, meaning when the user is not logged in. Authentication ensures that only authorized users are able to work on that particular notebook or desktop.
Authentication can be broken down into three simple categories:
- Something you have — i.e., a Smart Card or USB key
- Something you know — i.e., a password
- Something you are — i.e., a fingerprint scan
Ultimately, better security measures include more than just one of these means of authentication.
Are there any new trends or more sophisticated forms of authentication that businesses are using now?
Biometrics is definitely a hot trend. A lot of people are investigating it and using it as well. There are several different types of biometric technologies, including voice recognition, facial recognition and retinal scan. But the most mature of these is fingerprint recognition. Fingerprint recognition allows a person to use their fingerprint to substitute for the password. The great benefit is that you can actually attach more security measures into the fingerprint authentication without burdening the user. Currently, fingerprint readers are available on Dell Latitude™ D430, D620 and D820 notebooks and Dell Precision™ M65 and M90 mobile workstations. Dell also offers a USB fingerprint reader for the currently shipping OptiPlex™ 745 and Dell Precision workstations.
Other common means of sophisticated authentication are Smart Card readers and USB FOBs (memory keys). These security measures work by allowing users to carry something like a physical "key" to gain access to data.
What should the emphasis be on in the future when it comes to small business security?
Small to medium-sized businesses should focus on increasing security overall. Many companies are familiar with physical security methods such as cable locks and threat defense applications such as antivirus suites. Today, IT managers are looking at encryption and authentication. Tomorrow, it may be network access control.
Every company has different needs and should assess its own risk profile before deciding what security measures to take. Also, each company should keep reassessing as it grows and its needs change.