Wednesday, November 17, 2010

10 ways to make sure your data doesn't walk out the door: UPDATED

By Debra Littlejohn Shinder

March 29, 2010

Unfortunately, the same security precautions that prevent DoS attacks, viruses and worms, and other high-profile attacks may not be addressing a much more insidious problem: theft of company data for corporate espionage or other purposes. Yet the disclosure of your trade secrets to a competitor or the release of private company information to the media could, in some cases, result in a much greater loss than network downtime.

1: Practice the principle of least privilege and put policies in writing

There are two opposing philosophies regarding network access policies:

1. All Open Policy: presumes that all data is available unless access is explicitly restricted.

2. Least Privilege Policy (LPP): operates on the assumption that all data is off-limits to a given user unless that user is explicitly given access to it. LPP is like the "need to know" policies of government intelligence agencies: unless a user has a demonstrated need to have access to a particular file, that user can't access it.

Your policies should be specific and give examples of what's prohibited. Workers may not understand, unless you spell it out, that emailing a company document as an attachment to someone outside the network (or even to their own home account) is just as much a violation of policy as copying that document to a USB drive and physically taking it out the door.

2: Set restrictive permissions and audit access

CYBER ATTACK?!?

Stuxnet Virus Could Target Many Industries
The New York Times: 11/17/2010

WASHINGTON (AP) — A malicious computer attack that appears to target Iran's nuclear plants can be modified to wreak havoc on industrial control systems around the world, affecting the production of everything from chemicals to baby formula, government officials and cyberexperts warned Wednesday.

Experts told senators that attackers can use information made public about the so-called Stuxnet virus to develop variations targeting other industries, and that the worm's consequences go "beyond any threat we have seen."


Stuxnet
The New York Times: 9/30/2010

The Stuxnet worm is a fast-spreading malicious computer program that has turned up in industrial programs around the world. Its most striking aspect may not have been how sophisticated it was, but rather how sloppy its creators were in letting a specifically aimed attack scatter randomly around the globe. Iran said it had appeared in the computers of workers in its nuclear project.

Tuesday, November 2, 2010

Fighting the Evercookie

The next front in the cookie wars: Fighting the Evercookie

  • Date: November 1st, 2010
  • Author: Michael Kassner

Samy Kamkar: Evercookie is a JavaScript API that allows storing cookie data in a number of different locations when a user visits a web page. Normal sites would typically just store data (such as a session identifier) in something like a cookie.

However, Evercookie not only uses the cookie, but a number of other locations such as Flash cookies, Silverlight isolated storage, and various locations of HTML5 storage. When a user deletes their standard cookies, the other locations remain and are able to rebuild the original cookie.

I built Evercookie as a proof of concept, wanting to show how web sites are able to track users even if they delete standard cookies and LSOs. Evercookie also sheds light on the fact that there are numerous methods for storing cookies locally. Finally, Evercookie acts as a litmus test for users who want to see if they’re protected from web sites that track like this.
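
The rebuild behaviour described in the interview above, modelled as an added example (not part of the interview and not Evercookie's own code). The store names are constructed labels for the locations mentioned, everything is held in memory, and taking the first surviving copy is a simplifying assumption; the point is to check which clearing actions actually remove an identifier.

```javascript
// Constructed labels for the storage locations named in the interview.
// This is an in-memory model; no browser storage APIs are touched.
const STORES = ["httpCookie", "flashLSO", "silverlight", "html5Local", "html5Session"];

// A simulated browser profile: one key/value map per storage location.
function newProfile() {
  return Object.fromEntries(STORES.map((s) => [s, new Map()]));
}

// A page visit: read every store; if any copy survives, write it back to all
// stores (the rebuild step). Otherwise the visitor gets a fresh identifier.
function visit(profile, key, freshId) {
  const copies = STORES.map((s) => profile[s].get(key)).filter((v) => v !== undefined);
  const id = copies.length > 0 ? copies[0] : freshId; // assumption: first copy wins
  for (const s of STORES) profile[s].set(key, id);
  return id;
}

// The user's clean-up: only the listed stores are emptied.
function clear(profile, cleared) {
  for (const s of cleared) profile[s].clear();
}

// Litmus test: is the identifier from visit 1 the same on visit 2
// after clearing only the stores in `cleared`?
function identifierSurvives(cleared) {
  const profile = newProfile();
  const first = visit(profile, "uid", "id-first");
  clear(profile, cleared);
  const second = visit(profile, "uid", "id-second");
  return first === second;
}

// Report for one clean-up routine: still tracked, and which stores it missed.
function auditClearing(cleared) {
  return {
    stillTracked: identifierSurvives(cleared),
    leftBehind: STORES.filter((s) => !cleared.includes(s)),
  };
}

// Constructed clean-up routines to compare.
for (const cleared of [["httpCookie"], ["httpCookie", "flashLSO"], STORES]) {
  console.log(cleared.join("+"), auditClearing(cleared));
}
```
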