Ipswitch Blog

Homeland alert! Beware of the Internet (but e-mailing, web browsing and file sharing are okay)

| January 28, 2010 | Cloud Computing, Industry News, Secure File Transfer

There was yet another security breach inside the government this week and this one involved an employee sending personal information via the Internet.

What in the world does that mean?

Open letter to the White House CIO: please better define what you mean by Internet. As I said in earlier blog posts, whenever you pull people into the middle of information technology it is unreasonable to expect that they will self-enforce 100% of the policies 100% of the time. We won’t lock our laptops all the time. We won’t choose passwords that are totally random with a combination of numbers and punctuation (my WEP password for my wireless router is based on the key 3210abcdef!) No matter how many encryption products you put on our desktop we will forget to use them and we won’t check for SSL encryption and check the certificate on every website that we go to.


So what is company to do? They must make the assumption that people will shy away from following policy when following that policy the policy stymies their productivity. (And from what I’ve seen many corporate policies do stymie productivity) Companies need to deploy technologies that allow them to transparently manage and enforce security and usage policies.

Okay ladies and gentlemen, here is the one crisp and pithy statement from your dear blogger:

“The protection of data should be a consistent concern and process throughout all areas of the company; whether it’s an administrative assistant writing a credit card number on a Post-it or it’s your SAP module sending information to an EDI translator and out to a business partner.”

Okay that wasn’t so pithy but here is another one: “Information security policies must be clear and straightforward and assuming that you can cover everything by using blanket terms like “personal information should not be sent over the Internet unencrypted” actually increases the risk that you will end up on the front page of Google News, because someone in your organization surely has a different interpretation of what it means to send information over the Internet.”

Preventing Alarm Storms

Preventing Alarm Storms from Striking Your Network and Distracting You

Implementing Compliance for Data Privacy in Regulated Industries

Free Webinar: Implementing Compliance for Data Privacy in Regulated Industries

Leave a Reply

Your email address will not be published. Required fields are marked *

Ipswitch Blog

This post was written by Ipswitch Blog

Ipswitch helps solve complex IT problems with simple solutions. The company’s software has been installed on more than 150,000 networks spanning 168 countries to monitor networks, applications and servers, and securely transfer files between systems, business partners and customers. Ipswitch was founded in 1991 and is based in Lexington, Massachusetts with offices throughout the U.S., Europe, Asia and Latin America.