Network Security

Tight network security is generally not very expensive to acheive. Nearly every modern wireless router (tyically $100 or less) has WiFi Protected Access (WPA) incorporated as well as the AES encrypted WPA2. Fundamentally, when WPA or WPA2 is instituted within a network the algorithms that control access are based on 128-bit and 256-bit keys. To the mathematician, a 128-bit key generates 2¹²⁸ possible combinations which equal 2 times itself 128 times, which equals 3.4x10³⁸ possible combinations or written out, 3,400,000,000,000,000,000,000,000,000,000,000,000,000 possible combinations for someone to try to break into your wireless network. With a simple approximation, 256-bit encryption would add another 38 zeros to the end of that number. Even the National Security Agency and the FBI cannot crack 256-bit encryption. It is cheap, easy, and ""bulletproof"" to incorporate a secure wireless network.

As far as the data on devices is concerned, it is important to consider adding encryption to every disk drive, usb drive, and backup device in your network. This is especially important for devices that leave your network, such as laptops and USB sticks. Consider what is on a single laptop in your organization right now: sensitive emails, customer data, personal documents, even bank account information and credit card information can be embedded in the drive on a computer. Encrypting the drive is cheap, comes at perhaps a 10% tradeoff in performance but ensures that the new owner of your stolen laptop will not be able to get anything whatsoever off of the disk drive. You are out of a laptop but you have zero risk of your customers' data being compromised. To even the most sophisticated hacker, a properly encrypted drive contains nothing but nonsensical information.

If you think your data is protected because there is a password on the operating system, it is not. Simply mounting the drive in another computer gives access to nearly all of the information contained in the drive. That is, unless it is encrypted -- where it is all completely undecipherable ones and zeros unless the password that decrypts the information is available. A little bit of time and a small amount money can provide a massive amount of data security and peace of mind.