It’s the Law – Protecting Personal Information

Effective October 1, 2008, Nevada business owners must encrypt the personal information of their customers before they transmit it electronically outside their business.

It is great news for their customers, but only the first step towards protecting them – because protecting data when it’s on the move is only one part of the much larger data loss problem. What if the recipient of the data, such as a part-time accountant, chooses to share it with someone else, for example an out-of-state market research firm? How secure is the data on his computer, for instance from a family member or temporary employee? Or what if the accountant inadvertently attaches a decrypted file with sensitive data to an email? Ensuring that you maintain control over your data in these and similar risky situations can really contribute to your peace of mind. 

Only in this way, can we be sure that all of our efforts not to lose the data in our possession don’t get undone when it comes into someone else’s possession. So if we send out confidential information, such as a quarterly report, a layoff plan, or just our own private thoughts, we can be sure that information will not go astray. And all of this should be under the full control of the owner of the data to set up and manage transparently – without need for IT support. This is what the Fortressware team has been working to provide: a simple yet powerful solution to provide you with the means to protect whatever you need, whenever you need to, keeping it secure wherever it goes. If you do business in Nevada, you can satisfy the law AND gain a competitive advantage by giving our Personal Fortress a try.

We want to use only one tool to prevent files from leaking in any environment, personal or enterprise

Every report says the top three ways of losing data are: loss of a laptop, email to the wrong address, and lost of a USB drive. There are many solutions available for each of them, but that means three solutions for three of the top ways to lose data. We should do better than that!

 

Since the data we want to protect is the same item regardless of whether it is stored on the disk in your laptop, the USB drive in your briefcase, or the attachment to your email, it is too silly to have three different ways. Not only should any solution work across the board, it ought to be as transparent as creating or copying the data in the first place. In other words, when you store the data to the USB or disk, and when you attach the data to the email, the protection should just happen along the way, right until you are asked to enter the password for accessing the protected data.

 

And if the file is to be shared with others, the tool should allow the recipient to read the file as if your controls were not there after they properly identify themselves. This is what we call a simple to use yet powerful solution. Only with such a solution, the incidents like a global media company’s detailed PowerPoint presentation about potential layoffs would never happen.

A tool to let each of us control the files we send others

You wake up in the middle of night, worrying about the email containing the last review draft of your pending acquisition – which you sent hurriedly this afternoon as you ran late for a meeting.  Did you send it to Bob your PR consultant or Bob the journalist who has been asking for an interview? Oh, please, no . . . what if… you have to get up and take a look in your email sent box!

 

Sound familiar? Just in the past week I’ve received three emails that I shouldn’t have: one with some company’s bug report, one with a spreadsheet of business contacts, and one with an HR report.  With email’s auto-filling of addresses, how many of us have not made such a mistake?  Some mistakes may have an associated revenue value or provide the basis for an employee law suit, while others may just cause sheer embarrassment. What is true across the board is that each case is very individualized, not subject to a blanket security solution, such as is provided by an anti-virus product. The security required to protect data in these scenarios varies according to the person and the timing. What is private and extremely valuable data for one person may be of no significance to another. What was critically important and confidential yesterday may be public today.

 

So, we have a choice. Either we just take the risk and end up worrying about it, having to keep our fingers crossed, and sometimes seeing our worst fears realized. Or, we look for a tool that’s flexible enough to head off incidents such as these, one that’s capable of reacting to spontaneous decisions, working in line with current processes, and being effortless to use.

 

Why haven’t we seen this type of tool? The impact of a personal leak used to be localized and easily controlled compared to the impact of a machine in corporate network getting a virus. With blogging, peer-to-peer social networks, and other Internet technologies, one leak can get totally out of control and easily spread information into the ether, with no one sure who has seen or possesses what was supposed to be confidential.  It is time for individuals to have an extremely easy to use tool to put a stop to careless mistakes that result in the loss of data. That is the goal of Personal Fortress.