Chapter 11. Geography
In This Chapter
Scoping out why location makes the difference
Merging physical and logical security
Identifying the evil twins
Fitting new hires into the security picture
Location is everything when buying a house. A good location is safe and secure. The same is true when it comes to data, except data can easily move.
The value of data varies over time and its security varies with geography. If you or your computer is in a less secure area, the risks are higher. If the risks are higher, you have to take more steps to protect the information. Likewise, if the computer is in a secure location, you don't have to take those steps.
Location-Based Access Control
The idea is simple: If you're inside the company, your access to applications and data is greater than when you're outside. This reduces the risk of something bad happening (in this case, data lost or stolen). Unfortunately, most applications aren't aware of geography, so they give full access at all times. In other words, most applications are unaware of where you're accessing them:
You could be inside the physical boundaries of the corporate organization.
You could be in a dodgy Internet café in Grotsville.
The anywhere-anytime application is with us. Corporate road warriors (and other employees with laptops who work outside the office) can access anything and everything, no matter where they are. That's the problem. If they're sitting in coffee shops somewhere, connected through wireless, perhaps they shouldn't
Get Data Leaks For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
