While the drama about Edward Snowden continues, it’s interesting to see the effects. Clearly, this is an inflection point in the perception of security, especially insider risks. Every CEO’s worst nightmare came true, and national security led the way.
Whether you consider Snowden a hero or traitor isn’t the point – the point is how easy ANY information can leave an organization.
Among the knee jerk reactions we are seeing via the media and directly with clients:
1) Reevaluate and reduce the scope of admin access
2) Filter Dropbox et al and tighten up email attachments filtering
3) Superglue USB ports.
4) Uninstall R/W CD/DVD drives
5) Implement the nuclear launch option for admin access: 2 people, 2 keys
6) Reduce contractor hiring
7) Encrypt everything, limit access based on role
We’re not passing judgment – just noting the options we have seen tossed around. Judgments will be passed at our Catalyst conference – so make sure you attend that.
What’s your organization considering?