Some companies have taken the empirical approach of blocking USB ports with epoxy glue, but a more manageable method is investing in a port control product, which can automatically block USB devices from being connected to PCs without authorisation. More advanced products also include transparent encryption, so that information copied to USB devices is automatically rendered inaccessible to thieves.

Curbing the office social

Blogging, and use of social networking websites should also be added to the AUP. With blogging, you’ll need to specify what the business is comfortable allowing employees to discuss. Company intellectual property and confidential information should obviously be restricted from blogs, and the same with social networking sites. As with USB devices, policies should be enforced by products, to truly limit risk.

Mobile matters

Mobile devices run increasingly robust applications, carry a great deal of business data and increasingly are a target for malicious code. Enterprises can take precautions to limit the risks of these devices without resorting to an unenforceable outright ban – an example being deployment of encryption for all approved mobile devices that have access to sensitive data. Ensure that the encryption product you choose is proven, transparent and automatic, eliminating user interaction and creating a fully enforceable solution that holds up to stringent compliance requirements.


Going remote

Employees connect to enterprise resources through both unmanaged networks and unmanaged remote devices, reported Gartner. This can increase productivity, but it can also punch holes in the company's network security. Companies should deploy VPNs to restrict access based on checks of the security of the user’s endpoint. The VPN can be SSL or IPSec, according to the company’s needs. IPSec clients enable increased control and management of the remote access point, which in turn increases protection of corporate assets.

Combined, these four steps result in a formula that will rapidly take most companies a long way towards plugging potential leaks. It’s a long race, but the Winner’s Circle will be much sweeter than crashing out on the track.