Protecting your device when not in use

In 2013 the POPI Act was signed into law by president Jacob Zuma to bring South Africa in line with international laws on privacy.

Four years after and many information breaches later, it seems we may be a little closer to actual implementation. But the commencement date is still dependent on when the Information Regulator will be fully operational.

So, who or what is the Information Regulator? It is a new regulator that was created by the POPI Act to investigate and fine non-compliant culprits. It reports to Parliament and began its work towards the end of 2016. You – the data subject (an individual who is the subject of personal data) – will be able to direct complaints to the Information Regulator and it will act and hold the responsible parties accountable.

Although no commencement date can be pinpointed – there will be one year’s grace for implementation from this date.

Amongst all the uncertainty, one thing is very clear – POPI is coming to stay, so why wait for the rush? Implement the compliance process as soon as possible, finish well before the end of the grace period, and allow enough time to check and review.

Secure the castle – Full Disk & File Level Encryption

The one aspect that should not be overlooked as you prepare to protect your business and customers, is the compliance of your “software for hardware” – the firmware. In other words, the protection of devices when not in use.

The solution – Full Disk and File Level Encryption technology that secures devices and files and protects every bit of data that hits a disk/hard drive by converting it into unreadable code that cannot be deciphered by unauthorised users.

John Shaw, VP, Product Management, Sophos, emphasises that even with full disk encryption, data can still be compromised. A user’s computer or server can be hacked through phishing, malware or a targeted attack, data sharing via email, vulnerable stored data on mobile devices or the cloud, where it no longer relies on full disk encryption.

The complete secure solution needs File Level Encryption, which requires keys to access data just as full disk encryption does. He explains this with the castle analogy:

Full Disk Encryption represents the walls of the castle stopping people from coming in and File Level Encryption is adding locks on every room door inside the castle.

The Sophos Safeguard tool automatically encrypts every file and folder on a system by default and users can then manually choose files that they don’t want encrypted. Therefore, the user starts from a secure point.

Galaxkey has a different approach with a vault into which files are moved and immediately encrypted. Granular encryption of files outside the vault is also possible, where they can be secured for specific users.

Encrypting, decrypting and accessing information is automatic and transparent to the end user. If access is granted to groups of users who are identified as safe, every user in the group will be able to access encrypted files without delay. Users will not even be aware that files are encrypted – ensuring business does not skip a beat.

Application and System integrity is also protected with Sophos Intercept X which can detect exploits and abnormal system behaviour.

This protection extends to mobile devises and data stored in cloud services and does not slow down systems.

Sophos Full Disk Encryption Management is cost-effective, easy to manage with an end-user, self-service portal, assisting users to get back to work faster without needing to contact the helpdesk – saving time and IT resources.

Secure the castle – Full Disk & File Level Encryption

Microsoft Windows

Bitlocker, which is included in the following Operating Systems:

  • Windows 7 Enterprise and Ultimate
  • Windows 8/8.1 Pro and Enterprise
  • Windows 10 Pro, Enterprise and Education Editions
  • It is therefore included in all Professional versions from Windows 8.x upwards, but Windows 7 requires Enterprise Edition

Apple Mac OS X

Integrated FileVault 2 supported on the following Operating Systems:

  • Mac OS X 10.7 and upwards (to 10.12 Sierra at the time of writing this)

Cost: (Linked to dollar exchange rate)

  • Starting from R24.50 per device per month – 1-99 seats
  • Price packages for 100 – 499, 500 – 999 and 1000 – 4999 seats on request

Privacy Protection – Food for thought

Mark Grossman, tech lawyer, and Marc Lopresti, Lopresti Law group recently discussed the Federal Trade Commission and Congress investigating Equifax after its data breach put 143 million customer’s data at risk.

Lopresti asked this pertinent question: “How do we change the behaviour of the consumer? Every time we use a web app to order food or a taxi, or go onto Social Media we are agreeing to the terms of use, that nobody reads, to share massive amounts of our private information. Every single day. How are we going to change those behaviours so that our personal information is really protected?”

In Europe, one apparently has the right to be forgotten. If you have data online and you want Google to lose it and take it offline, you have the right to do that. You therefore have the right to control the use of your data.

Until South Africa has reached this level of privacy protection, users will have to manage restraint for sharing and business entities need to embrace the responsibility to secure customer’s data to the level of Full Disk Encryption.

Secure your customers’ and clients’ trust – get a quote:  Evolv 086 11 38658