Greater Manchester Police received a hefty £150,000 fine from the Information Commissioner’s Office (ICO) in October last year for misplacing a USB flash drive containing data on over a thousand people with “links to serious crime investigations.”
The officer responsible had used the unencrypted device for its higher capacity than the corporate, encrypted memory stick provided by the force; a careless decision that cost the force a great deal of money.
There are some organisations which attempt to avoid this kind of embarrassment simply blocking the use of USBs altogether. However, this restriction can have a negative impact on productivity. The fundamental question that needs to be answered in solving these types of data breaches is: how can organisations ensure that data is secure without preventing staff from doing their jobs?
Take remote control
Features such as remote wipe/kill could provide a solution. When a device is plugged into an internet connected end-point a command is sent from a central console in the IT department to either erase all data or completely disable the device’s ability to function. As more and more data breach headlines rear their ugly heads, remote wipe and kill features become increasingly prominent.
For organisations, there is great peace of mind in knowing that the data on any missing device is completely inaccessible should it end up in the hands of anyone but the owner, and remote kill would certainly ensure that this is the case. If authentication policies have not been set up properly or device security is not fully implemented in hardware then a remote kill feature would definitely be a good remedy.
Making remote kill completely effective over the internet requires a type of policy enforcement server to be involved in every attempt to access the device. The policy server would ideally take part in the authentication process and a user would not be able to access the device without the server also permitting it. At this level the remote kill function can be a message from the policy server to execute a data destruct or block command on the device, instead of the usual authentication.
An extra layer of safety
Although remote kill/wipe can vastly improve security, they can also make encryption very complex and therefore these protocols are best suited to high security environments involving sensitive data.
For these types of organisations, remote kill and remote wipe are a safety net – a way of rescuing potentially catastrophic situations. This technology should not be used in isolation, and there should be many measures ahead of this final line of defence against data breaches – beginning with the use of encryption and proper staff training.
Implementing remote wipe/kill requires pre-planning, investment and proper management – but given the cost of data breaches, having the right controls and technology in place is a small price to pay.