Monday, July 26, 2010

Information Leakage

Increased use of a variety of new and powerful electronic units, like mobile smart phones and printers with hard drives point to a growth in the problem of information leakage. An organization can have reasonably good systems controls and procedures and yet be subject to information leakage because the new advanced devices bring in exposures that were never considered when the policies were put into place because they either didn't exist or weren't present in the system at that time.This short article in ISACA Now points to a few of the exposures and stresses the importance of awareness.

What information leakage means is increased vigilence is necessary when adding a device to a system. Vigilence to watch for features of the new device that can drain off information and then inadvertently expose it to unauthorized persons. It also means reviews with the objective of identifying information leakage risks and exposures.

No comments: