Subscribe (Free) to
Daily or Weekly Newsletters
Post a Job

Featured Jobs

Client Service Manager

July Business Services
(Remote)

July Business Services logo

Retirement Plan Administrator

Bates & Company, Inc.
(Remote / Winter Park FL)

Bates & Company, Inc. logo

Retirement Plan Service Representative

DeMars Pension Consulting Services, Inc.
(Overland Park KS / MO)

Senior Defined Contribution Account Manager

Nova 401(k) Associates
(Remote)

Nova 401(k) Associates logo

Defined Contribution Account Manager

Nova 401(k) Associates
(Remote)

Nova 401(k) Associates logo

Senior Benefits Administrator

First Hill Trust Company
(Remote / Seattle WA / Hybrid)

First Hill Trust Company logo

Sr Retirement Plan Administrator

Farmer & Betts, Inc.
(Grapevine TX)

Farmer & Betts, Inc. logo

DB/CB Retirement Plan Administrator

CMC Pension Professionals
(Remote)

CMC Pension Professionals logo

View More Employee Benefits Jobs

Free Newsletters

“BenefitsLink continues to be the most valuable resource we have at the firm.”

-- An attorney subscriber

Mobile app icon
LinkedIn icon     Twitter icon     Facebook icon
LIA $FACTS$ for May 1998
View other months

Security

Transmission security has been in the news lately. We have noticed that there are groups of consultants suggesting that "sufficient" security can be achieved without encrypting every message, every file, etc. We think such advice is short-sighted.

The number one best security is not having anything anyone else wants to read or look at. Keep a low profile. Live under your means. Close the curtains at night and always keep the garage door closed!

But, let's say you are an international firm having offices around the world and many employees. Let's add to the scenario by making you a leader in your field. We assure you, someone wants access to your stuff! The number one method of protecting your information assets is not available to you.

So, how far do you go? If your only concern is access to documents that could be used in court, you probably can go partway as the consultants have suggested, making sure that correspondence on sensitive issues is approved and coded.

The reality, however, is that people can learn what you are doing to your detriment with documents that would be laughed at in court.

In the military, one is always reminded not to talk to unknown people and never to say anything at all about what one's unit is doing, even to family and friends. The popularly stated reason for this requirement is that "loose lips sink ships!"

All of your information is valuable and all of your correspondence is sensitive. Your competitor can tell what you are doing often just by monitoring the volume of encrypted email in and out of your site, especially if you only encrypt the important stuff. The size of communications and the people communicating give additional indicators of what is going on.

For example, let's say your stock has done well and you have begun discussion with your executive committee about approving a stock split. The mere change in the volume of traffic within the committee would clue people in, before appropriate, to what was going on. And this assumes that the traffic is coded. Uncoded traffic would be roughly equivalent to talking to a reporter!

So, what do you encode? Quite simply, everything. Your IS efforts should be expended to minimize the overhead on the system of coding everything. In time, you can start to adopt sophisticated methods of preventing even the volume and presence of traffic from revealing important information to the wrong people. You will also find, in the process, that the management diversion presented by trying to decide what to encode on an ongoing basis is far more costly than the cost of full-time security. And, it is always easier to continue the habit of transmission security than to initiate it.

Finally, applying Murphy's law, always expect a leak to occur and be prepared to deal quickly with the problems that result from it. Oh... and if it looks like there was a leak, there probably was!



Copyright 1998 Lohmann International Associates


© 2024 BenefitsLink.com, Inc.