Top Tips to protect against industrial espionage
First step should be to increase staff awareness
The first step in fighting off possible espionage attacks should always be to inform every member of staff of potential risks, and to increase their awareness of security issues and the measures they must take. Which data must be protected? Where do possible risks come from? Where are the security weak points and how can we protect them more effectively? Every time security software or hardware is implemented you must ensure that every member of staff understands its purpose, accepts it and that the security solutions will not interfere with everyday work. Only companies that are fully aware of the possible risk posed by industrial spies and their potential access points can take effective countermeasures against such attacks.
It's all about planning
Nothing happens unless you have security guidelines in place: defining which methods of communication are confidential and implementing company-wide security guidelines are the keys to effective protection against data misuse from both inside and outside your company. You must decide who exactly is responsible for issues such as administration and security. Are these processes interconnected, and does your company have an emergency response?
Without access rights: no plain text
Do you have confidential data, financial documents or classified blueprints? If so, we strongly recommend that you implement an organization-wide security solution that only allows authorized user groups to access sensitive data. Even the company's in-house system administrators, or staff from an outsourcer (if present), should not have access to confidential data. Individual access rights for working groups or individual users are defined in the security guidelines. These specify who can read confidential data in plain text or who will only see an encrypted, unreadable string of characters on their monitor.
Multiple authentication offers better protection
Multiple authentication offers additional protection because it uses a combination of a secure password and smartcard, or even biometric technology. Authentication is an identification mechanism, such as a password or a sequence of symbols, which gives only authorized users access to the system.
Example for a PDA: some security solutions for PDAs allow authentication by entering a signature. In this situation the system not only reacts to the signature but also to the speed at which it was written on the display. An additional professional encryption program then prevents a PDA thief from reading the data on the device. Specially designed software applications not only encrypt the individual files and directories, but also all the Personal Information Management (PIM) data.
Separation of roles for added security
Separating the tasks of system and security administrators adds another layer of security. If this is done, the system administrator can continue managing his system in the usual way but is unable to decrypt any files because the appropriate key is managed by the security administrator. On the other hand, the security administrator cannot access any of the stored encrypted files. The security administrator defines the individual access rights. Depending on their profile every user is assigned a key ring which they can use to access and read the files as usual, in plain text. This method also protects system and security administrators from any suspicion of having spied on company data.
No additional effort required
Espionage defense must not involve any extra time or effort. Powerful, modern multi-user security systems run transparently and therefore invisibly in the background. Companies should choose a security solution that does not require their users to change their working habits. In addition, internal security policies, for example for data encryption, should be easy and flexible to define. The solution should also help to implement and enforce security policies centrally across the entire company.
What about e-mail traffic?
Sending e-mails is the most frequently used commercial application on the Internet. However, although the encryption and signing of confidential mails can theoretically take place on an e-mail client, this is usually not the case, because the user either does not have the time or does not know how to do so. Professional solutions integrate cryptographic encryption and decryption processes with electronic signature and authentication at one central location in the corporate network. These security solutions are transparent for the sender and automatically implement the company's internal security policies for e-mail communications. The sender and recipient can communicate by e-mail in the usual way without having to bother about the confidentiality of the contents. Nowadays, the latest generation of gateways uses a special, added PDF function to convert encrypted e-mails including their attachments into a PDF document. The advantages: the e-mail recipient requires no additional encryption software. If they have the correct password, the recipient can read the encrypted data on any stationary or mobile device that has a PDF reader, such as Adobe Acrobat Reader, and even reply to it confidentially.
Simple installation and transparency
No matter which security solution you select, it must be easy to install and administer. Another question which you should ask right at the start: can this new software be integrated seamlessly into the existing IT infrastructure? It is even easier if all the devices in the corporate network can be protected centrally with the same security suite. No matter where information is stored or with whom it is exchanged: the security suite protects data on mobile and stationary devices, on mobile memory media, on servers and in e-mails. Only by using this type of security suite are companies able to implement legal requirements and internal security guidelines simply and effectively across a range of platforms.
Don't forget removable media!
It doesn't matter whether you are using USB memory sticks, memory cards, external hard disks, diskettes or optical CD/DVD media: professional removable media security solutions can protect company data against unauthorized access at any time, even if the storage medium is removed or gets lost. Their seamless integration in the operating system means that no additional logon procedure is required. In addition, there is often the option of setting degrees of access to suit a user's specific requirements. In this way you can implement both restrictive and flexible security guidelines from a central point.