– Lior Blik, CEO of NITConnect (www.nitconnect.net), says:
In today’s marketplace, almost everything is digital or being converted to become digital. E-mails, private documents, and personal information are all being sent using cell phones, PDAs, and PCs. For the most part, these devices are susceptible to becoming lost or stolen. Fortunately there are many ways in which the data can be secured.
Problem # 1: Unauthorized devices gaining access to the wired network
When it comes to physical access to the network, most wired network installations are very insecure. To gain access to these networks, connect both you and your client to a network port. You might even be able to get an IP-address as well.
To make it more difficult for this type of unauthorized access, a good practice might be to deploy Port-security, which identifies and limits MAC-addresses that can access the port. Another option is 802.1x, which requires the client to authenticate before network access is granted. 802.1x also enables unauthorized clients to be redirected to a separated VLAN, for example a Dummy- or Guest-VLAN.
Problem #2: Data Centers Physical Security and Access
Data Center managers must concentrate on DC Physical Security and Access of all data centers, server rooms, switch closets, phone rooms, network op centers, command centers, etc. This is a very critical task as it involves a facility-wide effort. It is essential for IT Managers to put the necessary restrictions (network and application access) in place to avoid unauthorized access to data. It is also critical, however, to secure sensible areas with other mediums like security cameras, access cards, lock cabinets, etc. The bottom-line is that data security is no longer an exclusive job for the IT Department. It must be a combined effort of every individual in the enterprise and all should be made accountable to ensure good business practices are being considered.
