There are tools to secure your data, but human error is sometimes fatal. What can be done to ensure optimum safety, while keeping data accessible?

Comply with strict safety rules and upgrade your tools, software and equipment.

All the protections in the world will be ineffective if we do not respect them. A handwritten password left out on a table is material that can be stolen: a tiny thing can cause a security breach. It is therefore necessary to be very careful.
Existing solutions are purely technical and specialized in specific areas. Taking into account the functional aspect of usage is essential and requires relatively rare special skills.
Since it is certain that there is no flawless system, the war between cryptographers and cryptanalysts ("hackers") has good days ahead.
It is essential to develop best practices within your organization to ensure the optimal security of your data.
Indeed, all cryptographers agree on Kerckhoffs's principle, which can be stated as follows: "the security of a cryptosystem is based solely on the encryption key and not on the algorithm, which is assumed to be known by all."
Behind the machines, human error is often fatal. It is therefore necessary to remain vigilant and to educate users and administrators about the importance of choosing passwords, and also to make them understand that it is perhaps even more important to keep them confidential.
To recap, here are some recommendations on password selection and management:

  • A password is personal and should be kept secret. If it is shared, this must be done via secure channels. It must not be written on paper accessible to a third party.
  • The password must be changed immediately if there is doubt about its integrity.
  • The administrator must require users to change their passwords regularly.
  • Never use, for corporate email, the same password that you use to connect to a forum or to personal mail.
  • A password must be at least 8 characters, consisting of uppercase and lowercase letters, numbers and/or special characters. Passwords that can be guessed from specialized dictionaries must be avoided. It is therefore inadvisable to use your own name or that of relatives, a date or place of birth, or other personal information.
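The length, character-mix, dictionary and personal-information rules in the last item can be checked automatically when a password is set. The following Python code is an added example, not part of the original article; the function names, the small word list and the sample names are constructed for illustration, and "numbers and/or special characters" is read here as "at least one non-letter".

```python
import re

MIN_LENGTH = 8  # minimum length stated in the recommendations

# Constructed sample of a "specialized dictionary" (assumption); a real
# deployment would load a much larger list of common and leaked passwords.
SAMPLE_DICTIONARY = {"password", "azerty", "qwerty", "welcome", "letmein"}

# Undo common letter substitutions so "P@ssw0rd" still matches "password".
LEET = str.maketrans("@4301!5$7", "aaeoiisst")


def deleet(text):
    """Lowercase the text and reverse simple character substitutions."""
    return text.lower().translate(LEET)


def dictionary_core(password):
    """Drop digits/symbols added at either end, then undo substitutions."""
    trimmed = re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password)
    return re.sub(r"[^a-z]", "", deleet(trimmed))


def check_password(password, personal_info=()):
    """Return the list of violated rules; an empty list means acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not re.search(r"[a-z]", password):
        problems.append("no lowercase letter")
    if not re.search(r"[A-Z]", password):
        problems.append("no uppercase letter")
    if not re.search(r"[^A-Za-z]", password):
        problems.append("no digit or special character")
    # Dictionary rule: "Welcome2024!" and "P@ssw0rd1" are still dictionary words.
    if dictionary_core(password) in SAMPLE_DICTIONARY:
        problems.append("based on a dictionary word")
    # Personal-information rule: names, birth dates or places given by the caller.
    lowered = password.lower()
    for item in personal_info:
        token = item.lower()
        if len(token) >= 3 and (token in lowered or token in deleet(password)):
            problems.append("contains personal information")
            break
    return problems
```
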

What solutions can make data accessible while protecting it?  
It is necessary to develop a comprehensive security policy, in the broad sense of the term.

The difficulty lies not only in the fact that we must restrict and control access permissions, but also in the fact that information must be made more easily available to those who need to access it. Secure, yes, but we must also be able to provide access, which makes it difficult!
There is no point in rushing to ready-made security solutions that do not always match the needs of customers. One should first think about the type of policy to implement.
We now see that the traditional tools are sometimes not suitable.
Solutions do not cover everything and are not fully compatible with all distributions. There will always be gaps in the coverage; the purpose is to learn to seal the areas not covered by existing tools.
Although zero defects does not exist, it is possible to hedge risk by following certain rules and strict principles. New issues arise constantly, and changing tools and practices is fundamental. Encrypting data is useful, but we must also manage the human side of data access and know where to put good locks. If you exchange data while putting control filters in place, your cyber security will be successful. The aim must be to make the information system (IS) watertight while facilitating access to and manipulation of data for accredited users.
