I wrote an article not long ago about protecting our personal and sensitive information. As some of you are well aware, once your data is out there, it’s out there. From the first click of the “check out now” button, you are being traced, watched and analyzed: how much you spend, where you shop, your favorite product, even your prime time to shop. But that’s just one aspect of it. Are you concerned that Big Brother (including the National Security Agency) is not only watching but also listening to, recording and even transcribing your confidential client conversations?
What about when not only your information is subject to attack, but your clients’ confidential information is at risk as well? As a risk and security director of a multimillion-dollar company, it is one of the toughest questions and concerns I have. I’m in constant contact with high-profile clients and sensitive data.
The good news for lawyers, corporations and medical professionals worried about maintaining their duty of confidentiality is that there are tools and safeguards to help them.
Lawyers and professionals, like myself, need to be very cognizant of their communications being intercepted by the NSA. Even worse for lawyers is that they can’t even be certain what the law is, since the status of the NSA’s various programs and the data they collect seems to change every day. Plus, given the secretive nature of the NSA, as well as the U.S. Foreign Intelligence Surveillance Court that oversees its surveillance warrants, lawyers can’t even be sure of what is and is not legal.
Lawyers, and anyone for that matter, should assume all of their conversations are subject to NSA surveillance and take steps to protect confidential information.
I can’t stress enough how all emails, electronic messages and communications should be encrypted. There’s no shortage of available encryption hardware and software, and I highly recommend using an encryption service such as ZixCorp or the open-source TrueCrypt. Platform-specific devices are also available, such as Apple’s FileVault.
You can also purchase self-encrypting hard drives such as the Seagate Secure, encrypted flash drives such as the IronKey from Imation Corp., and encryption software such as PGP Whole Disk Encryption and Sophos Ltd.’s Safeguard, says Lina Maini with Beacon Network Investigations, LLC.
As for passwords, I would recommend a more secure method of authentication, such as security tokens or USB tokens.
So I’m a big fan of firewalls and of highly encrypting everything, from email to phone service and anything else. I’ve also become a huge fan of the company Silent Circle. One of the things that I enjoy best about the service is that I’m able to set the burn settings to whatever time I deem necessary. Meaning once I send any type of message, video, photo or voice message, it is encrypted and will burn itself at the time I choose.
I think a lot of people forget that even when you send a voice message or note via text or message, your message has to go back to the server, say Apple’s, and is then transferred to the end user, leaving footprints of your data to be copied.
For lawyers and corporations worried about talking on the phone, their prayers will be answered this month: Spanish smartphone company GeeksPhone and software company Silent Circle launch Blackphone, an encrypted smartphone that protects phone calls, text messages, emails and Internet browsing. Using VPN technology, Blackphone promises to be an NSA-resistant phone. I know I’m looking forward to ours arriving soon.