Who "Owns" Your Computer & Data?



Yup, you are right, I didn't see the cross-posting coming.
Seriously, though, it is EASY to ignore data security fundamentals because "we are small", when just a handful of measures can minimize potential threats.
Say you are a contract designer or mold maker, and you sign a Non- Disclosure Agreement with a customer/client.
If you do NOT keep those customer's materials in private hands and somehow they get out to the public, you eliminate the possibility of your client getting a patent application, if it is development work, plus the competition could jump on the ideas. So do you keep your information "off the net".
I know "insiders" are usually responsible for more violations of NDAs than hackers. However, we are now for the first time getting new employees into business who have lived with computers from the day they were born, so to speak. There are a certain number of those employees inclined to see if they can tweak, 'link up' or 'get through' access restrictions on the net. You can get a "virtual education" on the subject on, where else, the Internet.
The discussion warrants thinking about company policy in a wide range of areas including password requirements (no short passwords or passwords consisting of dictionary entries for a starter, and no written down passwords stored at your desk or under the keyboard). Then comes the issue of how often it is mandated to change your password and how your employees remember or access a password they have forgotten, after it was just changed. Biometrics anyone?
We live in a new world where information of high value is placed within the reach of a single password, or hack job.
My work with others suggests that many networks in small companies don't have tight security policy, & some have no policies written.
This comment sort of summarizes why I started the thread in the first place. SolidWorks users are working with data that is now more valuable than the paper drawings of centuries past, but we are many times not treating the information as such. A single assembly drawing and a few part drawings in the past was of little use in most cases. A flash drive with an assembly and part files can be worth millions. Which brings up the question, are your USB ports locked down, or can anyone insert a flash drive and copy off data on an open computer? Small companies still rely on honesty for most security, by what I see.
Bo
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
The traffic is still going to be caught by the firewall if it is separate from the Windows machine. I noticed Windows update stuff typically happens after hours. But it does show up on the radar.
TOP
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Given this mornings news from the EU, it appears from headlines that Microsoft may be required to open up some of their code in addition to the fine. Maybe there will be more transparency in their proprietary OS, and maybe that will alleviate fears about back doors and lack of privacy as a result of all the accidental security holes.
Time will tell.
Unfortunately, for me, I do not think I will ever trust my PCs to be on the Internet along with my proprietary data, as I don't have the time and expertise to become an expert at protecting PCs from hack jobs.
For me that means I will keep proprietary data off the PC whenever activation is needed, and hopefully the PC will never be back on the Internet or a network, or if it is, it won't have proprietary data on it.
Bo
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
One thing about SW models. If anyone tried to download even a fraction of the vault we have it would show up on the IT radar as a huge one way outbound traffic jam.
TOP
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

That is true.
Often the most valuable Intellectual Property that a firm owns is its trade secret spreadsheets and product plans, though, & those may be as simple as a 100k spreadsheet or outline.
Given the breaches in various large companies involving various types of consumer data in a variety of ways, including secret back door code installed by coders (think Ameritrade), there are good known reasons to be careful and cautious.
Bo
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Polytechforum.com is a website by engineers for engineers. It is not affiliated with any of manufacturers or vendors discussed here. All logos and trade names are the property of their respective owners.