Effective-and cost-efficient-tools to help
your computer system keep its secrets.
With increased use of the Internet and computers to
store information, concerns over security of private client information
have prompted many firms to seek security solutions beyond the standard
firewall-type system. That does not mean abandoning firewalls. However,
it could mean adding some additional security features to your computer
and/or server. But, what combination of steps is most efficient for
your practice?
If you are one of the many firms using paperless
office solutions, you may already be aware of one relatively simple
step that can be taken. Any PDF file can be protected in one of two
ways, depending on which PDF document software you use. Adobe's newest
version of Acrobat Professional, version 7.0, has the ability to
protect PDF documents. According to its Web site, Acrobat contains the
following security features:
Apply advanced document control and security.
Protect sensitive and confidential documents.
Add access control to protect documents inside and outside the firewall, online and offline.
Use password protection.
Restrict access to documents using 128-bit encryption.
Control permissions.
Set document permissions and restrictions on whether Adobe PDF documents can be printed, copied or changed.
Sign documents digitally.
Sign electronic documents using digital signatures.
The cost is approximately $449 retail for the
professional version or $159 if you are upgrading from a previous
version. Adobe offers a standard version of Acrobat, which does not
contain the advanced editing, control and design functions of the
professional version, for $299 (full version) or $99 (upgrade).
Of course, not all client data may be stored as PDF
files. Microsoft Office, for example, also has some security features
that apply to all of its Office Suite of programs, such as
password-protected documents (files) and digital signature verification
on macros, etc. But this still does not cover all the areas of privacy
concern for most advisors. What about database security, for instance,
and e-mail storage? There are also concerns about wireless networking
in the office, and the use of portable storage media such as external
hard drives that may be used to comply with Sarbanes-Oxley requirements
by backing up server or other onsite data storage. Then there are
laptops and all the security concerns surrounding their use.
Recently, this author received a letter from his
financial planning company announcing that a laptop containing private
client financial information had been stolen from one of its offices.
The letter went on to say that, although the theft was disturbing, they
were confident that no personally identifiable information was taken.
One hopes that this is the case. However, this and other similar
instances serve to illustrate the worries associated with the use of
today's computer equipment and peripherals.
If you use external hard drives for backing up
server or other onsite data storage, newer models are available with
built-in security features.
Many external drive manufacturers bundle backup
software with their products that may be able to perform automated
backups (unattended) and/or encrypted backups. Some newer products,
such as the Tritton 160GB Simple Network Attached Storage (NAS), offer
features designed to complement an office network while still being
able to utilize offsite or removable storage solutions.
The Tritton Simple NAS (www.trittontechnologies.com)
is a cost-effective, network-attached storage solution designed for the
small office user. Connect the Simple NAS directly into your network
through the CAT5 port located on the back of the unit. You can share
your data with everyone on the network simultaneously whether you are
reading or writing data. It can be used as an FTP server, media storage
server and to backup critical data. The included backup software allows
for scheduling unattended backup tasks, self-executable backups,
encrypted backups, compressed file backups and more. Setup is simple
and takes only a few minutes to be up and running. Administering the
Simple NAS is done through a Web-based interface, by logging onto the
unit via your Web browser. Tritton also offers portable backup drives
and wireless backups.
For those who already own an older external hard
drive without built-in security features, Beyond Micro
(www.beyondmicro.com) offers a unique 3.5-inch HDD Enclosure designed
to fit most existing external hard drives.
Beyond Micro's BME3.5 external enclosure (made from
a tough grade of aluminum) offers an innovative secure storage
solution: It provides two secure keys for user authentication and
access control. As a result, your data is safe from unauthorized use,
even if it is misplaced or stolen. And the Beyond Micro 3.5 offers
automatic bit-by-bit encryption for the entire hard drive, including
the boot sector. It is powered by a NIST- and CSE-certified DES 40-bit
encryption engine. The cost is approximately $135.
For those of us who are concerned about laptops, a
new product from Winmagic (www.winmagic.com) may just fit the bill.
MySecureDoc Personal Edition is a data encryption program designed for
laptops and desktops. MySecureDoc secures residual data, temporary
files, paging files and hidden partitions left unprotected by other
encryption methods, according to its press information. It is designed
to encrypt every byte of data on a laptop (or desktop) machine. It uses
a 256-bit encryption algorithm to protect data behind the scenes in
real time without user intervention. One potential drawback appears to
be a performance hit on your machine during the encrypting process.
Company literature suggests that this is minimal, though. In personal
tests conducted by this author, no noticeable system slowdown was
detected. And, at a suggested retail price of $29.95, this is a
cost-effective and efficient security solution. Winmagic also offers a
personal edition-plus that extends security to portable media such as
external hard drives, USB memory sticks and Secure Digital cards.
If you use a wireless network in your office, you
may wish to check to see if the encryption standard being used by the
wireless network is WEP or WPA. WEP (Wired Equivalent Privacy) is an
older standard that has been replaced by WPA and WPA2 (WiFi Protected
Access). It was created in response to several serious weaknesses
researchers had found in WEP. So, if your wireless router is only
capable of using WEP encryption security, you may wish to upgrade to a
newer model capable of handling the WPA standard. Among the many
providers that offer wireless access point (router) products, you may
wish to take a look at Netgear (www.netgear.com). Netgear's ProSafe
802.11g Wireless Access Point (model WG302) uses the new WPA security.
Linksys (www.linksys.com) offers several wireless-G broadband routers
that also incorporate WPA security. These devices are generally under
$100 and offer potentially twice the speed of the older 802.11b
standard (up to108mbps). Most 802.11G routers are downward compatible
with older 802.11b devices. So, if your laptop or other device is one
of those, it may still be able to be used with the newer router devices.
If your goal is to increase the security of your
electronically stored data, then the choices listed above may just
provide you with effective and efficient security solutions.
David Lawrence is a practice
efficiency consultant and is president of David Lawrence and
Associates, a practice consulting firm in Lutz, Fla.
(www.efficientpractice.com) David Lawrence and Associates is an
approved sponsor of CFP Board of Standards continuing education credits
and offers CE programs on a variety of topics, including the financial
planning process.