Systems & Computing: Security Ought to Move Front and Center

By Peter Varhol

Most of us don’t give much thoughtto protecting our data from unauthorized users. Part of this is because we don’tthink anyone would have any interest in engineering designs, specifications, andother documents that technical professionals typically produce. Plus, there isthe element of convenience; it is easier and faster to be able to open and usefiles without having to enter individual passwords, or without having to makesure all your important files are encrypted.

It’s easy to assume that thecomputer will never be stolen, and that no unauthorized user ever sits down atyour desk and downloads files. Yet, we all owe it to ourselves and our employersto better protect data.

Your specs and documentation about your currentproject may not seem of interest to anyone but you and your project team, butthat view is almost certainly faulty. There are potentially a wide range ofreasons for theft and an equal number of ways that data can be compromised. Forexample, you can face corporate espionage from a competitor or even a journalistseeking a scoop. Or it is possible for a hacker to slip into your system andsimply destroy files.

And your engineering work may not be the only typeof private data on your computer. If you’ve used your work computer for eventrivial personal tasks such as writing letters or paying online bills, you mayfind that some of your personal data has also been stored, either inadvertentlyby you or intentionally by a cookie or even by spyware.

Today, and in thefuture, engineers and technical professionals have to protect their systems anddata; and not just from intellectual property theft.

Security expertsgenerally agree that a password can deter a casual intruder, but won’t stop adetermined trespasser, whether or not that person is a computer hacker (thehacker will just get there sooner). You have to take additional steps beyondsimple password protection.

An easy company-wide way of protecting datais for your IT department to map network drives and folders to each individualuser, and require users to write all of their files to that drive. That takesthe burden away from users, and places it with IT, who is better equipped toprotect data from a central location. The downside is that you must always belogged into your network to do your work, something that may not always bepossible.

Probably the best way for an individual to protect data on asingle computer is through encryption. Encryption uses mathematical algorithmsthat rearrange bits that comprise the file, making it unreadable. A common andlow-cost encryption application is PGP (PGP Corporation, Menlo Park, CA), which stands forPretty Good Privacy. PGP, along with most encryption products, offers encryptionfor both individual files and entire disk drives.

Hard disksmanufacturers, attempting to differentiate themselves, are beginning to providehardware encryption directly on the drive. It will be something that is doneautomatically as you save and open files. Of course, there will have to be somemechanism to authenticate the user, which can be done by biometrics or with thestandard public/private key approach currently in widespread use.

But allof us have to protect our data better. It’s too valuable to lose or compromise,and there are a lot of people out there who would like to have it. Don’t thinkit won’t happen to you. In today’s environment, there are two types of computeruser–those who have had their data stolen or destroyed, and those who are goingto.

Peter Varhol has been involved with software development and systemsmanagement for many years. Send comments about this column to [email protected].