Ever have a trusted salesperson, contractor or customer bring by a flash drive with a file by for you to view on one of your company's machines? Ever regret letting the outsider's drive inside your perimeter?
Ever have a trusted salesperson, contractor or customer bring by a flash drive with a file by for you to view on one of your company's machines? Ever regret letting the outsider's drive inside your perimeter?You may allow your most trusted employees certain leeways and latitudes when it comes to their use of your business's technology -- but what abut your most trusted vendors, contractors, customers and partners?
I was talking recently with a friend who's an industrial products salesman, and among the matters we discussed was how easy technology had made it for him to show customers and vendors photos, schematics, other materials.
"Just pop a thumb drive in one of their machines, and there you go," he said.
"Are you kidding?" he said, admitting that one company preferred that he connect a camera or phone to their system rather than a thumb drive because, according to his customer, "Cameras and phones are safer."
Now, odds are that the leeway they grant to my friend extends to people not as tech-savvy as he is, and probably extends to everybody. (Odds are, actually, that their systems are leaking information like sieves.)
But we all know of security-conscious and careful companies that do extend similar access to trusted outsiders, and do so for reasons of convenience, expediency or constancy of the vendor's presence in their business.
You know your vendors, you know your systems, you know your security procedures and tools, you know your comfort-levels with granting access.
Problem is, you may not know the levels of understanding your trusted outsider possesses on these very same matters.
At the very least, it's a good idea to insist that your trusted outsiders adhere to the same policies, monitoring and scans that your employees must meet.
Insist that any device brought into your workplace be equipped with up-to-date security software.
Deploy tools that monitor all devices and drives on your network.
Too much trouble?
Considering doing what my salesman friend and I have discussed:
Set up a dedicated, non-networked computer for viewing materials brought in by vendors or customers. Equip the machine with security software, and use the machine only for outsider presentations and other materials. Scan it in depth after every such presentation.
Suspenders and belt? Sure -- but these sorts of safeguards can help keep your business from getting caught with its security pants down as a result of a sloppy or unaware outsider who has something you "just have to see."
While you're at it, you might want to review those internal leeways and latitudes you grant, as well.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Join InformationWeek’s Lorna Garey and Mike Healey, president of Yeoman Technology Group, an engineering and research firm focused on maximizing technology investments, to discuss the right way to go digital.