Data security

Data security

To capitalize on an effective strategy for electronic data exchange environments, your business regularly exposes its applications and critical data to collaborators or partners. As this data represents an important part of your assets, it must remain confidential without corruption or loss.

 

In a context where data and identity theft pose real and serious threats to businesses, it is vital that you are able to reliably authenticate users and devices on your network.

 

Using best industry practices, BCI offers a range of services starting with the analysis of your current situation to the design and implementation of data security solutions, enabling you to protect your digital data and control access to your communications infrastructure to prevent data and financial loss to manage risk compliance.

 

Because each enterprise application invokes a specific data stream – single sign-on, authentication, signature, or encryption – which depends on both the level of security of the information exchanged on the web and the legislative framework in which your business must comply, we propose very specific and necessary recommendations.

Strong authentication

Strong authentication is a two-factor verification solution, allowing secure access to an application or system.

 

SSO (single sign-on) passwords show some limitations in high-security environments – theft of passwords, identity theft, data theft – and strong authentication overcomes these weaknesses and offers to mix various authentication strategies.

 

The use of strong authentication is recommended to industry sectors and services that open up their information systems externally with mobile access to corporate virtual private networks (VPN).

Digital signature

A digital (and/or electronic) signature can be considered as a means of authentication because it allows to verify the identity of the signer and the integrity of the document.

 

Different authentication methods for digital signatures are available to meet your specific needs. These methods are based on:

 

  • Knowledge of the user (password, personal identification number, etc.);
  • The physical characteristics of the user (biometrics);
  • Possession of an object by the user (card, USB key, token, etc.).

Encryption

Securing data exchange using encryption methods is a shield against the accidental disclosure of data. Encryption ensures the integrity of data and the limitation of access to authorized resources possessing the decryption key only.

Secure storage and data backups

Even though the establishment of protocols to define areas where the organization’s documents must be stored is a measure of protection for common data, users do not always comply. Indeed, many users store their data on their computer’s or laptop’s hard drive. Their organization therefore becomes vulnerable to the loss of critical data.

 

In the case of natural disaster or outage, recovery of critical data is of utmost importance. Companies must ensure that a secure data backup plan is included in their overall strategy for crisis management and business continuity.

 

To avoid the loss of critical information assets, BCI guides you in the development, revision and implementation of your storage policies secures data recovery specific to your organization, and ensures that these policies are properly understood by all levels of your business.

NERC News
SANS Internet Storm Center