Device Security

by | Nov 29, 2017 | Article

Every door in your house is an access point and represents a potential entry way. In the same way, every laptop or computer can serve as a weak link to data or transactions. Computers have a way of getting taken. Whether it is your department’s payment computer or your company laptop, every device must be secured appropriately. Proper endpoint protection of your devices covers the physical environment and the access methods and controls.

Physical Controls

Physical Access covers physically restricting access to the plant or office. This is key to the foundation.

  • On premises. This typically requires locked doors that are equipped with keycard access points, security cameras and security alarms in case of an intrusion.
  • Off premises/when traveling. Do not leave your device unattended at client sites or in public places. Asking the ‘fellow’ professional you don’t know at the coffee shop if they can ‘watch your stuff’ while you go to the WC may be better than just leaving your work computer out. But, it isn’t secure.
  • Secured Ports. Every open port on a computer is a potential avenue for compromise. Does your organization have a way of shutting this exposure point down?
  • Dedicated machine. For an increasing number of companies, they are using a dedicated machine for payments. No access to email. Web site access is specifically controlled and limited.

Electronic Access / Direct Access

  • Cable Lock. A ‘hypothetical’ conversation. ‘Why are you locking up your laptop? Have you had one stolen?’, ‘No’, {quizzical look}, ‘No, I lock it up so it doesn’t get stolen’. Cable locks can be defeated, but it takes time.
  • Backup. Ensuring your organization had a full-backup of all data on the computer can help with disaster recovery, recovery from theft and an additional defense against ransomware.
  • Clean Up. Before traveling, especially, removing any files from the computer that are not needed reduces the surface area of the exposure.
  • Encryption. If your laptop is stolen and the data is un-encrypted, the data has already been compromised. If it is encrypted and there is a remote wipe command, you are in a far more protected position.
  • Screensaver/Password. Having a screensaver kick on within 10 minutes of inactivity helps ensure your data stays protected.
  • Wireless Hygiene. During your travels use only known secure wireless networks. The emphasis is on the known.
  • Reporting Process. Make sure there is a process to report stolen or lost devices immediately that triggers actions that wipe the remote device and begin other recovery or lockdown activities.

We want to generate some healthy thinking about this topic all geared towards application, but please note that many additional security precautions may be necessary at your firm and it is important to review your company’s security protocols regularly.  Strategic Treasurer offers multiple corporate training courses related to treasury and cybersecurity. For more information click here.

Craig Jeffery

Managing Partner
Craig Jeffery formed Strategic Treasurer in 2004 to provide corporate, educational, and government entities direct access to comprehensive and current assistance with their treasury and financial process needs. His 25+ years of financial and treasury experience as a practitioner, banker and as a consultant have uniquely qualified him to help organizations craft realistic goals and achieve significant benefits quickly. He is responsible for overall relationship management and ensuring total client satisfaction on all projects.

Want Free CTP and FP&A Credits?

Want Free CTP and FP&A Credits?

We have multiple opportunities throughout the year to participate in valuable treasury-related webinars that provide FREE CTP and FP&A CREDITS to all who attend.

Just let us know where you'd like the invites sent.

You have Successfully Subscribed!