The National Cyber Security Alliance is pleased to present a guest blog entry from Michael Waksman of Jetico.
When you work with sensitive data, no matter what field you’re in, regular cyber security checks are a must. Practicing routine ‘cyber hygiene’ will help protect against spillage or loss of your sensitive data.
If you’re wondering what ‘cyber hygiene’ means, a great way to understand it could be to compare ‘cyber hygiene’ with something more familiar, such as dental hygiene.
The idea is simple… For good dental hygiene, we trust the American Dental Association for proper guidance. For good ‘cyber hygiene’, we have the National Cyber Security Alliance.
When we visit the dentist, we’re told that we should brush our teeth twice a day to keep our teeth clean and healthy. However, to really protect our teeth and gums, we are also advised to floss our teeth regularly and to use mouthwash.
So what does that have to do with data on a computer? Well think of it like this: When we delete files, it’s like brushing our teeth. On the surface, it may appear that we’ve cleaned everything up, but look a little closer and there are still bits and pieces remaining that only flossing (wiping of data) will really get rid of.
In ‘cyber hygiene’ terms, using a high quality data wiping tool is like flossing our teeth. It gets rid of all data remanence – and it’s the only way to go if you want to truly protect your sensitive data from unwanted eyes.
If you don’t routinely wipe data on your computer, then when you create files, work with them, or delete them, parts of those files accumulate as data remanence.
To be absolutely sure that you’ve removed all data remanence, you need to take extra steps. Using a powerful data wiping utility can ensure that you’ve removed all the sensitive data to the point where it can no longer be recovered.
By doing so, you can be confident that you’ve successfully protected that data.
In order to guarantee a clean computer and permanently delete all traces of old or used files, there are several important steps that we should all be taking:
1. Use the right tools for the job
Using dental floss is a must to keep your teeth squeaky clean – and a good quality data wiping utility is essential to make sure that all sensitive data is erased:
- Keep your data wiping software up to date. Up to the minute software gives you greater protection against new threats. Whenever you introduce new software, add on hardware, update or modify system files, install new applications or change operating systems, you risk spillage of data. Keeping your software up to date can significantly minimize that risk.
- Get a comprehensive set of wiping tools. Data wiping software can vary from one provider to the next. To maximize security, you need a program that delivers a complete set of tools with the power to effectively carry out a thorough system clean-up.
Getting back to this hygiene idea, a powerful data wiping utility with enhanced tools is like using dental floss and mouthwash alongside your toothbrush and toothpaste. While using just some of these things will cover the basics, the extra tools will be that much more effective.
When removing data from your computer, wiping software can be used in conjunction with encryption software to more thoroughly protect your data.
With encryption, you can completely protect your swap file. Windows-based systems use a swap file for virtual memory support – helping to manage system memory while you’re working at your laptop or PC.
While working on your files, Windows will take files or documents (even those that have been encrypted) and copy all or part of them to an open unencrypted ‘swap. ‘ Encrypting the swap file will preserve the integrity of data, further preventing any unauthorized access to private information.
2. Perform wiping tasks properly
When you visit a dental hygienist, you’ll get tips on how to brush your teeth properly… “Use short strokes, back-and-forth and up-and-down”… “Pay attention to your gum line”… “Clean the inner and outer surfaces of your teeth”… and so on.
Much like these tips on dental hygiene, here are some ‘cyber hygiene’ steps to make sure you cover all bases and completely wipe your data for a clean system
(NOTE: Don’t worry if this sounds too complicated – take comfort that with a good wiping utility, all this dirty work is managed with a simple click or checking a box.):
- Encrypt and protect your system swap file before wiping.
- Disable System Restore before wiping to avoid shadow copies.
- Empty your Recycle Bin before wiping to make sure everything is cleared out.
- Wipe any free space areas where deleted data is stored until overwritten by new information.
- Choose an appropriate wiping scheme so that you know exactly how many times the disk will be overwritten and which wiping patterns will be used.
- Wipe slack space of existing files. Cleaning these slack spaces is just like flossing your teeth. Old data can be stored here, but an effective wiping utility should clean these areas for maximum ‘cyber hygiene’.
- Wipe MFT records to wipe names of deleted files.
- Clear the user Temp folders routinely to make sure that names of recently used files are cleared and any traces of Internet activity (Internet History and Local History) are removed from the system.
- Check the results. Just like you would take a final look at your teeth in the mirror, you should also check your data wiping results by examining the following:
- File Viewers to look at disk sectors after wiping
- Log Viewer reports to review the process
3. Establish a routine to improve results
A dentist will recommend brushing your teeth twice a day to prevent tooth decay. And routine cleaning of your computer system is recommended to preserve data integrity and prevent data spillage or unauthorized access to sensitive information.
For best results, you should do the following:
- Wipe records of internet activity and local history. Doing so after each session before you shutdown or log off is like brushing your teeth before going to bed. It takes a little extra effort, but it can make a big difference over time.
- Wipe free space. While this can be a time-consuming process, it is recommended to do so as needed. For example, wiping free space should be done after standard deletion of any sensitive data or file to clean up any residual data.
Of course, you may think all this cleaning sounds great – but you may also be wondering how on earth you’ll find the time for it all! You may also be wondering if this is all really that important…
If you’re yet to be convinced, let’s use the dental hygiene analogy and compare dental and cyber hygiene to weigh the benefits:
Like dental hygiene, good ‘cyber hygiene’ is something that you need to carry out routinely.
In recent years, technology and cyber security experts have created many effective and powerful tools that ensure your computer and sensitive files remain safe. Routine use of reliable wiping tools is the best way to protect you and your private information.
Practice good ‘cyber hygiene’ and keep your computer safe and clean!
————————————————————————
Michael Waksman is the CEO of Jetico, a company that provides military-standard data protection software for all highly sensitive information and mission-critical data throughout the lifecycle.
Article source: http://www.staysafeonline.org/blog/does-your-cyber-hygiene-need-brush
View full post on National Cyber Security