Data security



ECCP Data Security – Report and Recommendations

Introduction

The recent high-profile cases of portable devices being lost or stolen have highlighted our legal obligation to ensure that we are doing everything possible to reduce the risk of sensitive data being exposed through loss or theft.

In 2011, the Information Commissioner’s Office (ICO) published details of eighty-three cases where formal action was taken regarding a breach of the Data Protection Act 1998 (DPA). Of these, around 25% related to the use of mobile or portable devices resulting in loss of personal information. Two of the cases involved substantial monetary penalties for the organisations found to be in breach of the DPA. Since then the number of cases has increased dramatically with the explosion in the use of personal mobile devices for work.

The DPA places certain obligations upon organisations regarding their use of personal data and it grants individuals certain rights regarding the personal information held about them by organisations.  The DPA covers ‘personal data’ and ‘sensitive personal data’.

The ICO’s view confirms the necessity for institutions to audit and monitor what is happening with regard to the processing of personal data in their institutions, and to include data protection when carrying out a risk assessment prior to the introduction of new ICT facilities, including social networking, data storage and shared services (e.g. Dropbox, which allows use via a smartphone). The ICO view of substantial damage, substantial distress and reasonable steps is outlined in the guidance and includes:


• whether a risk assessment was carried out,

• whether there are clear lines of responsibility,

• whether appropriate policies are in place,

• inclusion of a policy to encrypt laptops,

• application of recognised standards on information security management,

• whether the damage or distress is perceived or of real substance.

“The ICO will take an objective approach in considering whether there has been a serious contravention of the data protection principles.”

Overview

Traditional network-based security - firewalls to protect office workers, VPN for remote/mobile employees, and standard user logon security - is no longer enough in enterprises where employees are mobile and/or work remotely; or where the use of consumer mobile devices such as smartphones, laptops and tablets, becomes the norm. To better protect the data, security needs to move closer to the endpoint; i.e. the place where the data actually resides. As a result, encryption is a growing trend, particularly among larger organizations that have dispersed workforces.

Encryption is the process of modifying or changing (scrambling) the actual data into another form, so that another person can understand it only by unscrambling it with the correct decryption key. For example, a "secure" HTML link (such as for online banking) uses encryption to prevent a wiretapper from knowing what your data and passwords actually look like. The secure (secret) distribution of the necessary keys is a critical component of any encryption system. Encryption can be used for secrecy (transmission or storage), authentication (only someone holding the secret key could have produced the message), disposal (encrypt, then delete the only key), digital rights management (a combination of the above), and key distribution, among other things.

(Note: to overcome criminal activities hidden within encrypted data, under the key disclosure laws, the Regulation of Investigatory Powers Act 2000, activated by ministerial order in October 2007, requires persons to supply decrypted information and/or keys to government representatives. Failure to disclose carries a maximum penalty of two years in jail).

Until recently, ECCP work-related data was only stored on, and accessed from, PCs in secure locations at the workplace. Therefore, the only security required was the system password on the machines themselves and document passwords on confidential files. There was little possibility of the data being lost or stolen, as the PCs were never removed from the workplace. However, with the increased use of laptops and mobile devices by staff, new security measures need to be implemented.

This report details various options available, although not all will be included in our policy as there has to be a balance between what should be done to reduce our exposure to risk whilst not over-reacting so much that the systems become unmanageable and prevent us from doing our work.

Physical Device Security

a) Mobiles

Manufacturers of mobile devices provide three types of locking: a SIM lock, which locks your SIM card so that no matter which phone you put it into it will ask for the password; a phone lock, which locks the specific phone no matter what card you put into it; and a network lock, which locks the phone itself to a particular network. We are concerned with the first two.

If you use a smartphone for work and have confidential data loaded on the phone, please ensure that you have the SIM lock password set if you are carrying data on the SIM, and the phone lock password set if you have data in the phone memory. As each phone setup is different, I cannot give specific instructions here on setting these passwords, so please refer to your phone manual.

There is a further consideration with phones: that of securing confidential data on an SD memory card. Any memory card can be removed and placed in a memory reader on a computer, or in another phone, to access the data on it; so if you have confidential data on an SD card, it will need to be encrypted. However, apart from BlackBerries, which have an internal encryption function for SD cards (BlackBerry content protection), most other manufacturers are very lacking when it comes to this level of security. Companies using both Android and Windows phones have been trying unsuccessfully to get the manufacturers to address this situation for several years, but there is still no announcement forthcoming. iPhones do have internal encryption activated through the passcode feature, which means data can only be decrypted on the computer designated at the Apple site as the computer used to synchronise the phone.

Windows 6 PDA mobile encryption does exist, but sadly if the PDA is cold booted the decryption keys are lost and you will not be able to get to your data. If you have a smartphone or PDA and intend to carry confidential data on it, there is a package called Secubox that you can purchase to encrypt the data. It is available from the following link.

If you have an Android phone, the various Android blogs give some suggestions, but some people have lost data trying them, so be careful. At the moment Google has not given any indication of how they will respond to user requests for this feature, so confidential data should not be loaded to an Android phone until further notice.

More general details on smartphone encryption and security can be found at the following link.

b) Laptops

Where people are using personal laptops for work, these need to be secured to prevent unauthorised access to the machine. At the moment most users are only using logon security. This is not enough: it merely prevents access through the operating system, and it is a very simple process to remove the passwords from an operating system. Although the passwords are encrypted, a potential thief who isn’t interested in what they are, but only in removing them, can simply delete the password fields from the system. Many packages are available, including free ones, which will perform this action for them.

Therefore a laptop should have a device password, often called the boot password, defined. Like a mobile phone lock, this will prevent access to the device itself. When you switch the laptop on, the first stage of the boot process will ask for a password and will not allow the boot to continue until the correct password is entered. This password is held in the CMOS on the motherboard and will remain in existence as long as the motherboard CMOS battery is charged. Long before this you will probably have thrown the machine away.

Setting the BIOS/CMOS password on a Windows laptop

To prevent access to the machine (in the same way as you would prevent access to your phone), you need to set a password in the BIOS. To do this, once you have switched on your machine, press the BIOS access key. This is usually the ESC, Delete or a function key such as F1 or F2. If you don’t know your key, a list of probable keys by manufacturer can be found at the following link.

Once the access key is pressed, the BIOS menu will load. Navigate with the arrow keys across the top menu to select the Security option. Three password options are given. The Supervisor password prevents someone from changing these password settings, for example if someone tries to boot from a network or CD. The User password is the main switch-on password, which causes a prompt for this password before the computer boot load continues. The HDD password enables hard disk password security for the disk, to prevent access to the data on the disk even if it is transferred to another machine. However, a data recovery function could still access the files if they are unencrypted, and this option needs to be supported by the hardware you have.

Set the User and Supervisor passwords. Do not bother with the HDD password, as we will be using encryption for the confidential data where necessary. To set these passwords, move down using the up and down arrow keys to the correct field and enter the password you require. DO NOT FORGET IT. Once you have set a BIOS password the only way to get rid of it is to short the motherboard, and this can be dangerous to your machine.

Press the ESC key to exit the BIOS and save.


From now on whenever you switch on your machine, even before it starts to load the BIOS or operating system you will be asked for the user password you set in the BIOS.

c) Apple Machines

Unlike PC laptops, Apple machines are a bit more complex when it comes to protecting the physical machine. Apple's latest Open Firmware update introduces support for additional security options which allow the Open Firmware to be password protected. Similar to the typical PC BIOS password protection feature, this feature in Apple's implementation of Open Firmware allows you to password protect your computer's ability to boot.

The firmware password protection feature is off by default on all Mac machines and, according to Apple, the Open Firmware Password tool should be used only on Macs with Mac OS X 10.1 and later. Because Apple does not provide technical support for, or endorse, using the Open Firmware Password Protection feature on earlier versions of Mac OS or with any third-party software utilities, you should be careful and first make sure that your Mac complies with this basic requirement. On Intel- and PPC-based Macs, the firmware password protection is based on two different types of firmware.

To be able to use the firmware password protection, you should have one of the following Apple computers: any Intel-based Mac, MacBook Air, iMac (Slot Loading) and later models of G3 iMac, iMac (Flat Panel) and later models of G4 iMac, iMac G5 and later models of G5 iMac, iBook (all models, both G3- and G4-based), eMac (all models), PowerBook (FireWire), PowerBook G4 and later models of G4 PowerBook, Power Mac G4 (AGP Graphics) and later models of G4 Power Mac, Power Mac G4 Cube – all models, Power Mac G5 and later models of G5 Power Mac.

Updating the Open Firmware with security enabled has been reported to cause permanent password corruption (and the security-mode setting from before the update stays). So ensure you disable password protection before applying any Open Firmware update.

Password-protecting Open Firmware does not fully protect the physical hardware, as a thief can open the case of the computer and force a password reset. By adding or removing memory, the host is put into a mode where it is possible to reset the PRAM by pressing Command-Option-P-R at boot time. Once the PRAM is reset three times, the password protection is removed. This quirk in the Open Firmware architecture is a backdoor similar to removing the battery on a PC. Also, a utility called FWSucker allows an attacker, once logged in to a host, to harvest the Open Firmware password. Even guest users can decrypt the password.

Open Firmware password protection must be treated as a tool in protecting your host, not absolute protection.

Setting Open Firmware password protection on an Apple machine

Because of this limitation and the danger of corruption, which Apple will not take responsibility for and will charge you to correct, we will not be expecting any ECCP member to activate any additional device protection as standard on their own Apple devices. However, if you do wish to activate this feature for your own benefit, instructions can be found here.

If you intend to use a personal Apple device for work, please contact Mike or Samy to discuss your needs. Permission may be refused.

d) USB Sticks

Everyone now has at least one personal USB stick, used to carry around their own data at work. These are even easier to misplace than a phone or laptop, so if they are going to carry any type of work-related confidential data they must be secured at all times with some form of data encryption. There are three ECCP-acceptable methods of achieving this. The first and second are software options: either an encrypted partition on your USB device, or an encrypted data store on your USB device. The standard software you should use for this is the open source software TrueCrypt, available from the download site. This has been tested by the FBI and has proved to be uncrackable if a complex sentence key has been used. It is also one of the few packages that works equally on Windows, Apple and Linux machines, meaning the same USB stick can be used to transfer data across multiple platforms. Detailed instructions can be seen in the documents attached and are outlined in the Data Security section below.

The third method is to use a pre-defined encrypted USB device. These are more expensive than a standard device; for example, a 2 GB encrypted USB device was the same price as a 16 GB standard device. You don’t get any more security either; the only difference is that you get the software to access the data store or vault included on the device.

External portable disk drives, such as passport drives, act in the same manner as encrypted USB drives. They allow you to set encryption for the disk partition if you desire.

One problem with using any encryption is that the relevant software driver needs to exist on any machine on which you want to access the encrypted files. This means that whenever you use your encrypted stick in a public place where you do not have the authority to install the driver, e.g. internet cafés, libraries etc., you may not be able to access your data.

I recommend therefore that you do not use the USB Volume partition encryption options but rather leave the USB stick as a standard format and create an encrypted container Volume as outlined in the section on Data security below.

Detailed instructions on creating and using USB Volume Partitions are attached.

e) Tablets

Although some tablets do support hardware data encryption, not all do, and many users don't bother to enable PIN locks, much less encryption. Furthermore, even users who lock their own tablets may not realise that data stored there is readily accessible to downloaded apps. According to the App Genome Project, roughly one-third of mobile apps access a user's location, while 8% to 14% access a device's contacts. Perhaps more importantly, most users don’t read the warnings displayed when installing apps, giving little thought to the potential risk.

As a start it is very important to ensure that the tablet PIN lock is activated. Also, if data is being held on a tablet, then consider F-Secure’s or Kaspersky's mobile security remote lock and wipe package, whereby you send an SMS message with a secure PIN number to wipe all data and reset the device when it is next switched on. Then if your tablet or iPad is lost or stolen you can immediately delete all user data remotely. More specific details can be found at the following website.

If you intend to use a tablet of some form for work, please contact Mike or Samy to discuss your needs. Permission may be refused.

Data Security

Even if your device is physically secure, either by one of the methods specified above for a mobile device or because of its secure location (as with the work PCs locked in the office), there is still a security risk from anyone who bypasses that security.

The next stage is to secure the data itself. These instructions are specifically aimed at PCs, the server at work and laptops. In the past many people have merely used a password on a file to protect the data itself, for example Word and spreadsheet passwords. This gives a false sense of security. There are many ‘brute force’ programs that will remove these passwords, such as Avanquest’s password recovery, Passware’s Wordkey or Elcomsoft’s password recovery, and they are not expensive: a full version of the software can be found for as little as £20.

The only way to ensure the security of your confidential files is, once again, to encrypt them. You can use either full disk encryption or create an encrypted container volume where the encrypted files will be held. Some hardware allows for full disk encryption from within the BIOS, and Windows 7 itself contains an internal encryption program called BitLocker that will encrypt the entire drive if activated and the hardware supports it (i.e. there is a Trusted Platform Module (TPM) chip on the PC's motherboard). We do not need this level of security.

As a general rule, we will not use disk encryption but data encryption. ECCP will once again be using the TrueCrypt program on both the work PCs and the Buffalo server. The only files that should be placed within an encrypted container volume are those you consider to be confidential. This keeps down the overhead on the machine of the encryption/decryption process. TrueCrypt performs on-the-fly encryption, meaning that data is automatically encrypted as it is saved and decrypted as it is loaded, without any user intervention. No data stored in the encrypted volume can be read without the correct password.

Anyone using their own laptop or USB devices for work-related confidential data should also have this package installed on their laptop. Download and install the software from the site.

a) Data Security container Volumes

A data security container is a single data file which will be used to hold encrypted files. It can reside on any drive that you have access to, e.g. your C drive, a USB drive or a network drive. You decide the size of the container when you create it; for example, you may want a container for your confidential files that is 10 GB in size. You will also decide the name of the container. This data container is loaded as a drive, usually at boot time. For example, you may decide to load the container as the Z drive. Any files placed on this drive are automatically encrypted. Files are automatically decrypted when you access them, no matter what the type. So, for example, a media file may be decrypted when it is loaded into a media player, or a document when it is loaded into Word.

You can have as many containers as you like loaded. Each will have its own drive definition, for example X, Y and Z drives. Each can also have its own password, so you could share an encrypted volume with one person with whom you want to share certain confidential files, while other confidential files could be held in another container, accessed as another drive, that you do not give them access to.

All users should have at least one Data security container. This may be on the server, a USB drive or the local C drive. Users should also have at least one data security container on their laptops.

Detailed instructions on creating and using the data containers are attached.

Mail Security

To secure your email effectively, you should encrypt three things: the connection from your email provider; your actual email messages; and your stored, cached, or archived email messages.

If you leave the connection from your email provider to your computer or other device unencrypted while you check or send email messages, other users on your network can easily capture your email login credentials and any messages you send or receive. This hazard typically arises when you use a public network (the Wi-Fi hotspot in a coffee shop, say), but an unencrypted connection can also pose problems on your work or private network.

Your actual email messages are vulnerable as they travel over the Internet, after leaving your email provider's server. Bad guys can intercept a message as it bounces from server to server on the Internet. Encrypting your messages before sending them renders them unreadable from the point at which they embark on their journey to the point at which the intended recipient opens them.

If you leave your saved or backed-up email messages (from an email client program like Microsoft Outlook) on your computer or mobile device, a thief or snoop might be able to gain access to them, even if you've password-protected your email program and your Windows account or mobile device. Again, encryption renders them unreadable to the intruder.

So what can you do?

a) Encrypting Email connections

To secure the connection between your email provider and your computer or other device, you need to set up Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption, the same protection scheme that you depend on when checking your bank account or making online purchases.

If you check your email with a web browser (whether on a desktop, a laptop, a smartphone or a tablet), ensure that SSL/TLS encryption is active. If it is, the website address (URL) will begin with https instead of http; depending on your browser, you should see some additional indication, such as a notification next to the address bar or a small yellow padlock icon on the status bar at the bottom of the browser window.

If you check your email with a desktop client program like Microsoft Outlook, or if you use an email app on your smartphone or tablet, you should still try to use SSL/TLS encryption, but in such situations encryption is harder to verify or to set up. To do it, open your email program or app and navigate to the settings menu; there, your account will likely be labelled as a POP/SMTP, IMAP/SMTP, HTTP or Exchange account. Look for an option to activate encryption; it's usually in the advanced settings, near where you can specify the port numbers for incoming and outgoing connections.

We cannot do this at the moment for our POP accounts, as it gives an error each time you load Outlook because of an SSL certificate error with Andrews and Arnold. I am currently looking into this and will advise when it’s resolved.
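The "activate encryption" setting described above, written out with Python's standard library as an added example (not code from the report or from any mail provider): a context that checks the provider's certificate and hostname, beside the tempting but weak workaround of switching verification off when a certificate error appears. Host names, ports and credentials are placeholders.

```python
"""Mail client TLS settings: the verified context beside the weak workaround."""
import imaplib
import smtplib
import ssl

IMAPS_PORT = 993        # IMAP over TLS (143 is the unencrypted default)
SUBMISSION_PORT = 587   # SMTP submission, upgraded with STARTTLS (25 is plain)


def mail_context(verify=True):
    """TLS settings for a mail client. verify=False is the weak workaround."""
    ctx = ssl.create_default_context()          # system CA store, CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if not verify:
        # Weak: makes the certificate error go away, but then any machine on
        # the network path (e.g. at a public hotspot) is accepted as the provider.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def describe(ctx):
    """Summarise a context so its settings can be checked before use."""
    return {
        "verifies_certificate": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": bool(ctx.check_hostname),
        "minimum_tls": ctx.minimum_version.name,
    }


def mailbox_count(host, user, password, ctx=None):
    """Open the inbox over IMAPS and return the message count, or an explanation."""
    ctx = ctx or mail_context()
    try:
        with imaplib.IMAP4_SSL(host, IMAPS_PORT, ssl_context=ctx) as conn:
            conn.login(user, password)
            status, data = conn.select("INBOX", readonly=True)
            return int(data[0]) if status == "OK" else None
    except ssl.SSLCertVerificationError as exc:
        # The right response is to report the error, not to pass verify=False.
        return f"certificate error: {exc.verify_message}"


def send_message(host, user, password, msg_bytes, sender, recipient, ctx=None):
    """Send over the submission port, upgrading to TLS before the login."""
    ctx = ctx or mail_context()
    with smtplib.SMTP(host, SUBMISSION_PORT) as conn:
        conn.starttls(context=ctx)          # credentials only travel after this
        conn.login(user, password)
        conn.sendmail(sender, recipient, msg_bytes)
```

Run `describe(mail_context())` against any context a script is about to use: if "verifies_certificate" or "checks_hostname" is False, the connection is no better than the unencrypted POP setup.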

b) Encrypting Email Messages

You can encrypt your individual email messages during transit, but both you and the recipient must do some work ahead of time to make the protection work properly.

By default, email is not encrypted when it is transmitted. Mail encryption, in all the major mail clients, is provided by the PGP (Pretty Good Privacy) system. You can only encrypt an email to someone if you have their public key, which generally means they can handle encrypted emails. They will then need to decrypt it at the other end.

If they can handle them, why not always encrypt them?

Most forms of message encryption, including S/MIME (Secure/Multipurpose Internet Mail Extensions) and OpenPGP, require you to install a security certificate on your computer and to give your contacts a string of characters called your public key before they can send you an encrypted message. Likewise, the intended recipients of your encrypted message must install a security certificate on their computer and give you their public key in advance. This is all very cumbersome. Also, bear in mind that some people have email on mobile phones, or other applications, where they may not be able to read the encrypted email, so the system is generally less than ideal.

There is an interesting software package called Enlocked that is designed to take the complications out of complex encryption software. And it succeeds, to a certain extent. Enlocked adds a "Send Secured" button to your email client, allowing you to encrypt messages with a single click. Enlocked is available as a free plug-in for the Outlook email client; for the Chrome, Firefox and Internet Explorer browsers (and thus Hotmail, Gmail etc.); and for Android and iOS mobile devices. Once you download and install the appropriate plug-in, Enlocked adds a new button to your email options: "Send Secured". You can send up to 10 secured messages a month for free; there are then price plans for additional messages. Any user receiving a secured message will have, as part of the message, a link to install Enlocked themselves to decrypt it, if they don’t already have the software installed.

At present we will not be using encrypted email messages until it shows there is a need for this in our environment.

c) Encrypting Stored Email

If you use an email client or app on your computer or mobile device, rather than checking your email via a web browser, you should make sure that the stored email data is encrypted so that thieves and snoops can't access your saved messages if you lose the device or someone steals it. On laptops and desktops running Windows there is a built-in function of the operating system called EFS (Encrypting File System) that allows files to be encrypted through the Properties tab. The encryption certificate and key file are locked to the user. This sounds good in theory; however, if a thief removes the password for a user as described in the Device Security section above, they can then log on to Outlook and look at the data unless you include internal data file password security as well. However, even this can be overcome with free software such as that from NirSoft, so it’s all a bit pointless really.

At ECCP we will use TrueCrypt encryption to hold the outlook PST store in a TrueCrypt data container.

For mobile devices it's best to use an operating system that provides full device encryption by setting a PIN or password to protect your email and other data. Blackberry and iOS (iPhone, iPad, and iPod Touch) devices have offered this type of encryption for years; Android supports it only in version 3.0 and later. For older Android devices, a third party email app, like TouchDown for Exchange accounts, that provides encryption may be required.

We will be changing the logon system at work so that all users have their own logon and therefore their own mail PST file. The admin user will continue to exist on each machine for updates, but if you wish to use another machine at work rather than your own, then you should use the guest user. Admin will no longer be used for any form of mail.

Generally, all mail pertaining to the project should be sent via a project email address, i.e. @eccp-.uk. Downloaded mail is held in the PST file, which should be placed in the default encrypted data security container volume for this user. This will prevent anyone else logging on and seeing any confidential emails or attachments.

Network/Internet Security

a) Internet security

A secure connection is an encrypted exchange of information between the website you are visiting and a browser on your machine. Most providers now use 128-bit encryption. You can check the encryption level in your browser to confirm that it has the correct cipher strength as follows: on the menu bar, click the "Help" option and on the drop-down menu click "About Internet Explorer". Check the data displayed after "Cipher Strength", below the version number. If the cipher strength displayed is "128-bit", then the Internet Explorer encryption level is correct.

There are two very real security issues for communications over the Internet: (1) knowing for sure that you are connecting to the right servers (e.g. those at your bank and not those at a hacker’s or phisher’s web site), and (2) knowing that your data is safe from prying eyes during transit to those computers. This is where Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), come in. These are the cryptographic protocols that provide communication security over the Internet.

How Internet encryption works

SSL relies on the concept of “public key cryptography”. In normal encryption, the two parties communicating share a “password”, and that password is used both to encrypt and to decrypt messages. While this is fast and efficient, how do you communicate these passwords to people you have not yet met in a way that is itself secure? This is achieved through the use of an SSL certificate installed on your machine.

If a company wishes to use secure communications for their server, they create a public and private key for the company. This is also known as the SSL certificate. They then go to a trusted third-party company such as Thawte or Verisign. This certificate authorising group (we will use Verisign in this example) makes the company prove its identity and right to use the domain. This usually involves a lot of paperwork and paying a hefty fee. Once the verification is complete, Verisign gives the company a new public key that has some additional information in it. This information is the certification from Verisign that this public key is for the company and that this is verified by Verisign. This certification information is then encrypted using Verisign’s private key.

From now on, when you connect to the company on its SSL-secured port using HTTPS, the company sends back its public key, i.e. the one logged with Verisign. You will already have Verisign’s public key on your machine, because these come with the computer. Thus you can decrypt the validation information, prove the validation is from Verisign and verify that the public key is certified by Verisign. If you trust Verisign then you can trust that you are really communicating with the company. If you have your own SSL certificate installed, you may send this to the company at this point to see if they trust you. Client-side SSL certificates are not commonly used, however.

Once you are happy with the company (and the company with you, if needed), your machine will choose an SSL cipher to use from the list of encryption methods provided by the company, and generate a “symmetric key” (password) for use with that cipher. You encrypt this password using the company’s public key and send it back to the company. The company (and only the company) can decrypt this message and get this password, which is now shared by both you and the company.

You can then start communicating with the company by encrypting all data using this password and the chosen cipher.

Voila, you now have secure communication. In the main, most communication over the web, unless working with money or mail, does not use secure communications. For an in-depth explanation of how ciphers work, check out the site.
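The exchange described above, carried through end to end as an added example (not code from the report): textbook RSA with tiny constructed primes and a SHA-256 keystream stand in for real certificate formats and ciphers, so it shows the flow (CA signs the company's key, the client checks that signature with the CA key it already holds, then wraps a fresh symmetric key under the company's public key) and is not a usable cipher. The CA, domain names and dates are placeholders.

```python
"""Toy walk-through of the SSL certificate and key exchange (illustration only)."""
import hashlib
import secrets


def make_keypair(p, q, e=65537):
    """Return ((e, n), (d, n)) for two constructed primes p and q."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))       # modular inverse, Python 3.8+
    return (e, n), (d, n)


def rsa_apply(key, m):
    """Raw RSA: the same operation encrypts with (e, n) and signs with (d, n)."""
    exp, n = key
    return pow(m, exp, n)


def digest(data, n):
    """SHA-256 of data, reduced into the modulus so it can be signed."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


# Constructed keys: the "Verisign" CA and the company applying for a certificate.
CA_PUB, CA_PRIV = make_keypair(10037, 10039)
COMPANY_PUB, COMPANY_PRIV = make_keypair(10007, 10009)


def cert_body(domain, pub, not_after):
    """The information the CA signs: domain, public key and expiry (YYYYMMDD)."""
    return f"{domain}|{pub[0]}|{pub[1]}|{not_after}".encode()


def issue_certificate(ca_priv, domain, pub, not_after):
    """CA step: certify 'this public key belongs to domain' with its private key."""
    sig = rsa_apply(ca_priv, digest(cert_body(domain, pub, not_after), ca_priv[1]))
    return {"domain": domain, "pub": pub, "not_after": not_after, "sig": sig}


def verify_certificate(ca_pub, cert, expected_domain, today):
    """Client step; (ok, reason) mirrors the browser warnings named in the text."""
    if cert["domain"] != expected_domain:
        return False, "domain name mismatch"
    if today > cert["not_after"]:
        return False, "expired certificate"
    body = cert_body(cert["domain"], cert["pub"], cert["not_after"])
    if rsa_apply(ca_pub, cert["sig"]) != digest(body, ca_pub[1]):
        return False, "non trusted certificate"
    return True, "ok"


def client_key_exchange(cert, ca_pub, expected_domain, today):
    """Client: refuse a bad certificate, else wrap a fresh symmetric key."""
    ok, reason = verify_certificate(ca_pub, cert, expected_domain, today)
    if not ok:
        raise ValueError(reason)
    n = cert["pub"][1]
    session_key = secrets.randbelow(n - 3) + 2        # 2 .. n-2, fits raw RSA
    return session_key, rsa_apply(cert["pub"], session_key)


def server_unwrap(company_priv, wrapped):
    """Server: only the holder of the private key recovers the session key."""
    return rsa_apply(company_priv, wrapped)


def stream_xor(session_key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream (not secure)."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        block = session_key.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out.extend(hashlib.sha256(block).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def run_session(cert, expected_domain, today, message):
    """Whole exchange; returns what the server decrypts from the client."""
    key, wrapped = client_key_exchange(cert, CA_PUB, expected_domain, today)
    server_key = server_unwrap(COMPANY_PRIV, wrapped)
    ciphertext = stream_xor(key, message)                # client encrypts
    return stream_xor(server_key, ciphertext)            # server decrypts


if __name__ == "__main__":
    cert = issue_certificate(CA_PRIV, "bank.test", COMPANY_PUB, not_after=20301231)
    print(verify_certificate(CA_PUB, cert, "bank.test", 20240101))
    print(run_session(cert, "bank.test", 20240101, b"balance please"))
```

Changing the domain in a signed certificate, or presenting it after its expiry date, produces exactly the warning categories the text tells you to report rather than click through.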

b) Use of wireless hotspots

A hotspot is any location where Wi-Fi network access (usually Internet access) is made publicly available. You can often find hotspots in airports, hotels, coffee shops, and other places where business people tend to congregate. Hotspots are considered a valuable productivity tool for business travelers and other frequent users of network services. However, being public, hotspots generally provide less secure Internet connections than do other wireless business networks.

From a security point of view, it’s not really safe to connect to an unknown open wireless network, particularly if you're going to be transferring any kind of sensitive information. The reason is that any and all information sent over an unsecured wireless network, - one that doesn't require you to enter a WPA or WPA2 security code - is information that is sent in plain sight, for anyone to grab over the air. Just by connecting to an open network you are potentially opening your computer to anyone else on that wireless network.

Hotspots are useful, but be aware of the risks and minimise them by ensuring that any emails are sent securely and any attachments with sensitive data have been encrypted.

c) General Internet security for ECCP

In the main we will not be utilising any form of encryption unless it is supplied by another company; this will mainly be companies handling money transfers, banking and purchasing. When using such secure communication, it is important to pay attention to the warnings generated by SSL when you connect to secure sites. Such warnings include “expired certificates”, “domain name mismatches” (where the domain name presented by the company differs from the one to which you are connecting) and “non-trusted certificates” (where the public key (certificate) presented by the company was not validated by a third party that your computer trusts, e.g. Verisign). In all of these cases you should be wary, and inform Mike or Samy.
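As an added example (not part of the original report), a Go program that uses the standard library's certificate checks to produce the three warnings named above. It builds its own constructed test CA and site certificates (no real CA or host is involved); the names eccp-test-ca.example, shop.example and bank.example and the function names are assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// makeCert issues a constructed test certificate for name: a self-signed CA when parent is nil, else a server certificate signed by parent.
func makeCert(name string, notAfter time.Time, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: name},
		DNSNames: []string{name}, NotBefore: time.Now().Add(-time.Hour), NotAfter: notAfter,
		IsCA: parent == nil, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if parent == nil { // self-signed: the certificate vouches for itself, as a root CA's does
		parent, parentKey = tmpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// Warning replays the checks a browser makes before trusting a site: chain to a trusted root, validity period, name match.
// It returns "" when all pass, otherwise the kind of warning the user would see.
func Warning(leaf, trustedRoot *x509.Certificate, host string) string {
	roots := x509.NewCertPool() // an empty pool means this client trusts no CA at all
	if trustedRoot != nil {
		roots.AddCert(trustedRoot)
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	switch e := err.(type) {
	case nil:
		return ""
	case x509.CertificateInvalidError:
		if e.Reason == x509.Expired {
			return "expired certificate"
		}
	case x509.HostnameError:
		return "domain name mismatch"
	case x509.UnknownAuthorityError:
		return "non-trusted certificate"
	}
	return "other warning: " + err.Error()
}
```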

d) Local Network Security for ECCP

The local network is secured at the network level from outside users attempting to access data by its network address: quite simply, it is not routable from the Internet. This limits the access an outside user would have to the local PCs. Any attempt to attack the network using an alternative protocol would be rejected by the router, as the majority of ports are closed on the firewall.

Wireless access to the network is also encrypted, within the wireless protocol itself. Hard-wired (Ethernet) connection to the network is limited by physical location; an attacker would first need to get into the offices.

Remote access service to the server is provided through the HTTPS/SSL protocol and transmission of files is therefore automatically encrypted. A specific port will be used which will be forwarded to the internal server address from the router.

Disposal of Redundant Devices.

When equipment is replaced or discarded, both home and office, it is imperative that all company data and references are removed from the devices.

a) Mobiles and Tablets

Apart from the memory card and the SIM (which will be removed when you dispose of the device), phone and PDA data is also stored in flash memory, and it is retained even if the device's battery is drained or removed. To delete flash memory data, users have to do a "hard reset", which returns the hardware to its factory-fresh condition. Each phone and PDA maker uses a different hard reset procedure. You can download the details of the hard reset for your particular phone by going to the following site. Enter your phone make and model and the instructions will be emailed to you.

For a phone or mobile device that is used for confidential project data, you will need to be able to initiate a remote wipe if it is lost or stolen. Remote wipe tools are set up so that if your phone is lost or stolen, you are able to clean it remotely, deleting sensitive data. Many remote wipe tools also allow you to track the phone, provided it has not been turned off. Details of such tools can be found at

As this is a personal phone and not issued by the project, it is the owner’s responsibility to provide a remote wipe tool at their expense if they wish to use their device for personal data.

b) Laptops and Desktops

Project confidential data should always have been held in an encrypted TrueCrypt container, so even if a package is used to recover deleted files on a disposed-of PC, the recovered container file is still encrypted and therefore not a security risk. The mail PST file should also have been held in this container, so any confidential mail is also encrypted and therefore secure. If the PC is lost or stolen, the data is still inaccessible because of the encryption.

However, normal use of the system will leave a great deal of information about the user’s activities, so the following methods of cleaning a PC or laptop should always be carried out when you intend to sell or otherwise dispose of the device.

a) Create a new administrative user, e.g. Admin2, and use this clean user to perform the following actions.

b) Delete all users, including their files.

c) Delete all software apart from the operating system and the diagnostic clean-up software: Eusing Registry Cleaner, CCleaner and Disk Scrubber.

d) Run these three programs, in that order, to clean your system. Disk Scrubber will take a long time, as it overwrites all empty areas of the cleaned disk.

e) Remove redundant protocols from the network configuration, and also any fixed IP addresses etc.

f) Remove reference to the computer name and workgroup in the computer properties.

g) Change the registered name of the computer in the registry value RegisteredOwner found in the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion.

c) Apple Devices

Apple machines, like PCs, will have had their confidential data encrypted, reducing the security risk. Also like PCs, after files have been cleared down they will still hold a lot of incidental information about the activities of the original user. Deleting a file only removes the reference to it; the contents are not actually erased. The simplest way to properly clean such a drive is to use the drive wipe function on the installation CD and then re-install the operating system over the top.

a) Insert your Mac OS X DVD into your Mac, and restart the computer.

b) After you hear the startup chime, hold down the Option key. You will be presented with a choice of booting from your hard disk or from the Mac OS X Install DVD. Select the DVD.

c) Once the installer loads, and you get to the Install Mac OS X screen, instead of continuing, go to the Utilities menu on the top of your screen, and open Disk Utility.

d) In Disk Utility, select your hard disk from the list on the left.

e) Click the Erase tab in Disk Utility and select Mac OS Extended (Journaled) for Format.

f) You will see a button near the bottom, “Security Options”; this option wipes the drive clean of your old files. When you click Security Options you will be presented with 3 levels of secure erasing. As you shouldn’t have had confidential data outside an encrypted container, a 7 pass erase shouldn’t be necessary. However, to ensure a good trade-off between security and time, I would recommend a 1 pass erase twice.

g) You can now reinstall the operating system to its basic level.

d) Portable devices

All confidential data on portable USB sticks must have been encrypted. Any other portable media, such as backup CDs, must be physically destroyed when disposed of, for example by shredding.

Condensed overview of Policies

General Policies

. Passwords used to access PCs, applications, databases, etc. should be of sufficient strength to deter password cracking or guessing attacks. A password should include numbers, symbols, and upper- and lowercase letters. Password length should be at the very minimum 6 characters. Passwords based on repetition, dictionary words, letter or number sequences, usernames, or biographical information such as names or dates must be avoided.

. Personnel who leave the Project should be removed immediately from mailing lists and access control lists.

. Staff should ensure that callers to the office or other unauthorized persons are unable to view personal or sensitive information displayed on PC monitors, etc.

. All staff should ensure that PCs are logged off or ‘locked’ when left unattended for any period of time.

. Where possible, staff should be restricted from saving files to the local disk. Users should be instructed to only save files to their allocated network drive.

. All machines and devices will be cleaned down according to the details outlined in this report prior to disposal. Where personal machines have been used, it is the owner’s responsibility to ensure they have conformed to this policy, as a condition of using their own machine for work.
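As an added example (not part of the original report), a Go function that applies the password rules in the first general policy above and reports every rule a candidate password breaks, so a user can see all the problems at once. The small word list, the thresholds for what counts as repetition (three identical characters in a row) and a sequence (four consecutive letters or digits), and the function names are assumptions chosen here; the policy itself gives none.

```go
package main

import (
	"strings"
	"unicode"
)

// dictionary is a constructed stand-in for a real word list; a deployment would load a full one.
var dictionary = []string{"password", "welcome", "letmein", "summer", "dragon"}

// CheckPassword applies the report's password rules and returns every rule the candidate breaks
// (empty means acceptable). forbidden carries the username and biographical details (names, dates).
func CheckPassword(pw string, forbidden []string) []string {
	var problems []string
	if len([]rune(pw)) < 6 {
		problems = append(problems, "shorter than 6 characters")
	}
	has := func(f func(rune) bool) bool { return strings.IndexFunc(pw, f) >= 0 }
	symbol := func(r rune) bool { return !unicode.IsLetter(r) && !unicode.IsDigit(r) }
	if !(has(unicode.IsUpper) && has(unicode.IsLower) && has(unicode.IsDigit) && has(symbol)) {
		problems = append(problems, "needs upper and lower case letters, a number and a symbol")
	}
	low := []rune(strings.ToLower(pw))
	if stepRun(low, 0, 3) {
		problems = append(problems, "repeated character")
	}
	if stepRun(low, 1, 4) || stepRun(low, -1, 4) {
		problems = append(problems, "letter or number sequence")
	}
	for _, w := range append(dictionary, forbidden...) { // append copies: the literal has no spare capacity
		if w != "" && strings.Contains(string(low), strings.ToLower(w)) {
			problems = append(problems, "contains "+w)
		}
	}
	return problems
}

// stepRun reports whether n or more consecutive characters each differ from the previous one by
// exactly step: 0 catches repetition ("aaa"), 1 and -1 catch sequences ("abcd", "4321").
func stepRun(rs []rune, step rune, n int) bool {
	count := 1
	for i := 1; i < len(rs) && count < n; i++ {
		if rs[i]-rs[i-1] == step {
			count++
		} else {
			count = 1
		}
	}
	return count >= n
}
```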

Additional Policies for Mobiles, iPads and Tablets

. Where mobiles, iPads and tablets are used for accessing or storing confidential data, even for just emails, they should all have both the SIM lock and the phone lock password set.

. Whenever confidential data is stored or accessed through a mobile device, phone encryption must be used.

. Whenever confidential data is stored or accessed through a mobile device, a remote wipe application such as Kaspersky Mobile Security or Kaspersky Tablet Security should be installed in case of loss or theft.

Additional Policies for personal Laptops

. When personal laptops are to be used for work-related activities, they must have both a BIOS and a logon password set. Passwords must conform to the general policy on passwords.

. All confidential data relating to the project must be held in an encrypted container file on the laptop.

Additional Policies for Apple Macs

. Due to the susceptibility to errors, and the refusal by Apple to fully support their own functions or to take responsibility for data loss and recovery when using the firmware function, this facility should only be used at the owner’s risk. Apple machines should not be used for any form of work, or to hold confidential data, without consulting Samy or Mike.

Additional Policies for portable Media

. Wherever confidential data relating to the project is held on a USB stick or passport drive, it must be held in an encrypted container file. This can be either a TrueCrypt container or a default encryption container provided as part of the device. When purchasing an encrypted device, please check with Samy or Mike that the encryption conforms to the policy.

. Backups should no longer be made to CD/DVD portable media. They are too easy to misplace or to dispose of improperly. All backups should be made to USB or ‘disk passport style’ devices, which must be encrypted. All current backups on CDs should be collected and destroyed.

Additional Policies for email

. Work-related emails containing confidential information should always use the work email address, i.e. @eccp-.uk. Do not use web-based mail applications for confidential mail or attachments.

. Work-related emails downloaded to the Outlook client will reside in a PST file within an encrypted container to secure the data and attachments.

. Standard unencrypted email should never be used to transmit any data of a personal or sensitive nature. Departments that wish to use email to transfer such data must ensure that personal or sensitive information is encrypted, either through file encryption or through the use of a secure email facility which will encrypt the data (including any attachments) being sent. Use of 7-Zip encrypted attachments is acceptable.

Additional Policies for Internet use

. Dropbox and other cloud file-sharing services, such as Google Drive, Microsoft SkyDrive and others, promise safekeeping of your documents and the use of encryption methods, but the recent security breach highlighted by the BBC shows the dangers of using such sites at present. Additionally, apart from SpiderOak, employees at all such online storage sites have access to your data. NEVER store a confidential file directly on this type of drive. If you have to store any information in the cloud for portability, then encrypt the files first on your machine using TrueCrypt and store that encrypted container inside your Dropbox, Google Drive or other online storage space.

If you are intending to access these files through an iPhone or an Android phone, then use Boxcryptor instead, as this already provides the relevant apps to unlock the encryption.

Note that if you create an encrypted container with TrueCrypt inside the local copy of the online folder on your machine, you will need to dismount it in TrueCrypt to allow synchronisation to occur. This restriction isn’t an issue with Boxcryptor.

. Never send or access mail or data over an unsecured wireless network, i.e. one that doesn’t require you to enter a WPA or WPA2 security code.
