Frequently Asked Questions 


Business Continuity Planning

Threat Risk Assessment

Security Budget Review

Computer Security


About a dozen computers are stacked in the Redmond home of a self-employed software programmer. They once belonged to company_X__ before they were sold as surplus several months ago.

Surplus Computers... with YOUR data!

Now, _X_ wants them back, and for good reason. The computers-and perhaps dozens more contain confidential financial information such as Social Security numbers, loan applications and job histories of an unknown number of _X's_ customers. Computer specialists say it is increasingly common for businesses to inadvertently sell computer equipment with all kinds of private and potentially damaging information.

Information has always been the most valuable asset of a company or government. Wars on and off the field are won with timely and intelligent use of information. How long can a company last if their suppliers, customers and shareholders learn that highly confidential or personal information has been scattered over the Internet?

We keep so much on our computers these days:  tax returns, love letters, legal briefs, e-mail, classified battle plans and risqué photos. Our hard drives mirror our lives, and they contain information that we do not always want others to see. Using out-of-the-box passwords, usually easy to guess, is a common mistake.  Even hitting the delete button does not remove the threat of exposure.

Many people are scared off by today's security environment, yet most systems are no different than what we have been using our entire lives. Encryption works like a lock and key or today's equivalent of card access, i.e. your banking card. Without the correct "key" you do not get in. whether it is your standalone computer, a laptop with your companies' financial statement on it or the company network connected to the Internet.    We have been accustomed to locking the doors and maybe the filing cabinet when we leave at night. Every manager entrusted with keeping the companies information secure must fully understand the risk involved in today's wired culture and have the appropriate resources.

A theft (when known) causes great uncertainty for a company, which typically is never truly aware of the damage that has been done. We stress known, because a great deal of damage is done unbeknownst to a company or until it is too late. Another thought to consider is that the majority of theft (information as well as physical goods, laptop computer, files) occurs internally. That means proper policy and procedures are even more critical.