Is it legal to download software in a way that would be illegal normally if you already own the software?
How Private Are Your Documents?
The modern day law office relies substantially on the computer system and the network upon which it operates. Document creation, modification and retention is inextricably tied to the office computer system, and often left vulnerable to theft or piracy via that firm’s open internet connection. As the power and potential of the internet expands, the threats to personal and document privacy increase proportionally. Whether you run a corporate office, a law firm or a small business, the secure protection of your private documents will often represent the difference between victory and loss in a law suit.
A consistently open internet connection can act as an entryway through which various types of hackers or accidental searchers may access and leak confidential information. Failure to safely secure documents and implement efficient policies aimed at overall network and computer protection, can not only lead to the leaking of personal and confidential information, it may often times be used as evidence in a law suit. This reality is compounded by the recently passed amendments to the Federal Rules of Civil Procedure regarding electronic discovery of documents in legal actions. The electronic discovery rules establish a preference toward the discovery of electronic documentation, which will include the trail of metadata that each document modification leaves behind.
Due to the recently passed electronic discovery rules, discovery of electronic information is presumably valid and accepted. Due to this new development in the discovery patterns of adversaries, information and documentation which was once thought to be private and confidential may now be disclosed, often unintentionally through the disclosure of electronic information. A well trained IT department can find embedded information and evidence in disclosed information that was never meant to be disclosed. Such dangers not only subject the company or firm to unintentional disclosure of private information, but may also subject them to personal liability if the information inadvertently disclosed detrimentally impacts a third party whose information was supposedly confidential.
Ordinarily, edits made to a document, while not apparent on the computer screen, are embedded in the document itself and can easily be obtained by a trained IT professional. These changes are recorded as metadata. In respect to document edits, one step that can be taken while using Microsoft Word programs is to render a document as a ‘protected document.’ To do so, it is necessary to go to the Tools menu and select ‘protect document’ prior to sending it to anyone else for edits. When you choose to protect a document, the only modifications that can be made to it are Comments and Tracked Changes. These modifications do not become part of the document until you choose to ‘unprotect’ it and modify the document yourself. This method therefore allows you to ask your reviewers to make comments directly in the Microsoft Word document you send them. This tactic can not ensure against all metadata trails, it is but one method and system which can be employed to help reduce risks. In order to mitigate the risks inevitably faced with the continued expansion of internet use and electronic commerce, combined with the more lenient electronic discovery rules, all types of companies must institute protectionist documentation policy.
While risk of confidential disclosure can never be completely eliminated, the key to implementing the optimally effective system is to find a balance that allows for an efficient managing of the risk. Secure and safe document production, storage, and disposal systems should be used by all firms and companies to help reduce exposure and protect private and confidential information from both legal adversaries and malicious hackers. In addition, an effective legal review system should be used to help determine the status of certain forms of documentation, in order to categorize said documentation as privileged or non-privileged information. Obtaining the assistance of a law firm or attorney experienced in dealing with privacy, document retention and production issues can help ensure a company’s protection into the future, and is invaluable in the event of a pending law suit. An attorney with a clear understanding of relevant discovery rules and the emerging technology can serve as a key advisor in designing and determining the appropriate privacy protections contained within the ideal document protection system.
Closing the gaps in enterprise data security: A model for 360? protection
Closing the gaps in enterprise data security: A model for 360? protection
Businesses adapt to increased mobility and expanded connectivity: Evolving data threats
Mobile computing and global networking cast a new light on data security issues as, in response, organizations reassess the technologies in use within their IT infrastructures and reconsider the ways in which staff members, customers and partners communicate. Solutions that do not provide the appropriate balance between protection and usability must be discarded in favor of solutions that effectively minimize risks of data theft or loss, achieve compliance with existing regulations and equip personnel with tools that help them work productively and securely.
The crux of the matter is simple: Business processes today rely on vastly different methods of data storage and data exchange than even a few years ago. These changes in the computing landscape make it essential that companies adopt a very different approach to security. According to the Forrester Research report, “The State Of Enterprise IT Security: 2008 To 2009,” 90% of organizations say that data security is “important” or “very important” and would get high priority in 2009.
The following sections detail three possible scenarios illustrating how these individual threats can affect the business operations, data integrity and overall security of organizations.
Scenario one: Theft of a mobile computing device
Scenario two: Losing removable media containing confidential data
Scenario three: The insider threat
Each section also provides recommendations as to how each individual threat can be minimized by using technology that is available today. The objective is to provide full 360-degree security that protects against the widest range of attack vectors.
Scenario one: Theft of mobile computing device
California-based Company A, a channel partner of a global chip manufacturer, has designed a promising media player. Product manager Sally Ortez worked closely with the chip maker to negotiate the specifics of the processor purchases, product rollout plans, marketing strategy, projected sales in various channel outlets and product road map details.
Ortez routinely kept all documents relevant to the collaboration on her notebook computer, including proprietary information under a non-disclosure agreement with the manufacturer. At a large trade show in Hong Kong, Ortez was navigating the packed aisles of vendors and technology companies with her computer bag secured by its strap over her shoulder. After she was bumped from behind, someone quickly cut the strap of the bag and grabbed it. Police efforts to locate the thief failed.
Five days later, the full specifications of the unreleased processor showed up on the Internet, along with the marketing plan for the media player and product road map. A day after that, the chip manufacturer cancelled the channel co-marketing plans with Company A and threatened legal action because of the disclosure. Ortez never recovered the lost notebook.
The mobile workforce depends on smaller, lighter and more portable computing devices to get their work done in the field. Their reliance on these computing devices heightens the importance of protecting the information on them from loss, theft or viewing by unauthorized individuals. The 2008 CSI Computer Crime and Security Survey reports that laptop theft/fraud ranks among the top three threats, with 42% of security professionals who responded citing it.
As reported by a number of different sources, theft of mobile computing equipment is all too common and—without protection—the information stored on systems is easily accessible to thieves. Even a power-on password and other forms of single-factor authentication are of little use in guarding against theft or loss.
However, encrypting the data on mobile computing devices makes it inaccessible to thieves and outsiders, and provides a level of data protection that is both prudent and responsible.
Solution: SafeGuard Enterprise
With SafeGuard Enterprise the ending to the previous scenario could have been much different. Consider this alternative ending.
Following the advice of a leading data security publication, the director of IT operations at Company A implemented a policy to perform full hard disk encryption on all company notebook computers using SafeGuard Enterprise The software deployment took place overnight. Following the initial usage, which requires a simple log-in process, employees using single sign-on (SSO) need only enter their password once to access the computer, just as they had done previously. Employees didn’t notice any difference in the behavior of their laptops.
During the Hong Kong trade show, Sally Ortez lost her notebook computer when her computer bag was snatched in a crowd. Because of the strong encryption protection on these devices, there was no potential for the disclosure of any sensitive data, and the business partnership with the chip maker continued to flourish. Company A also avoided having to notify companies and individuals about the stolen data, as is required by California SB 1386 for any losses of unencrypted data. Encryption preserved both the data privacy and a valuable business relationship to the benefit of everyone involved in this scenario.
Industry-leading encryption solutions from Sophos deliver enterprise-caliber data security, giving mobile workers the confidence and protection to travel freely without being concerned about revealing information that could damage both their company and their career.
SafeGuard Enterprise effectively protects data on mobile computing devices—including laptops and netbooks.
Scenario two: Losing removable media containing confidential data
Fabian Bredcowski worked as a technical support specialist for Company B, a thriving New England-based computer retailer, and was privy to files and information stored on the Company B servers—all of which were strongly protected by a corporate firewall and rigorous authentication and access protections.
Bredcowski took security seriously, but he was also tenacious about pursuing solutions to problems— even when away from the workplace. After dealing with one particularly vexing support question that he could not resolve over the phone, Bredcowski couldn’t get the problem out of his mind and decided to work on it at home with his home computer. At the end of the day, he hastily copied the tech support customer files to a 1GB memory stick and slipped it into a pocket in his wallet. The files included contact information and personal data about several hundred Company B customers.
On the way home, Bredcowski stopped at a local restaurant for a take-out dinner. His wallet slipped out of his pocket and fell to the ground when he got out of the car. The driver of the next car that pulled into the lot noticed the wallet, picked it up and found the memory stick inside. He pocketed both and quickly drove off.
When Bredcowski reached for his wallet to pay for his dinner, he was shocked to find it was missing. At the same instant, he realized the memory stick with private customer data was inside. Conscientiously, he reported the loss to his supervisor, who was furious that, as a matter of policy, Company B would have to notify each customer of the personal data loss—a grave reflection on the company’s handling of personal information. For this breach, Bredcowski was docked the cost of mailing the data loss announcements and demoted to a position in the shipping department. For several months after the event, the customer support personnel at Company B had to respond to a steady stream of phone and mail complaints from customers disturbed that their personal information had been treated so casually.
The increased storage capacities and evolving form factors of removable media create a new vector of possible data loss. Securing removable hard disk drives, flash memory devices, optical discs, magnetic media, memory sticks and similar media should be a top priority for security strategists within an organization.
The compact size and lightweight form factors of removable media devices make them especially prone to loss or theft. Such potential security breaches can damage customer relationships and result in financial losses for the businesses involved.
Protect sensitive data and intellectual property residing on endpoint devices: Encryption prevents unauthorized access to hard drives, flash memory cards, optical discs, memory sticks and similar media.
Solution: SafeGuard Data Exchange
The use of SafeGuard Data Exchange could have resulted in a very different ending to this story. Consider this alternative scenario. After dealing with the difficult support question that he could not resolve over the phone, Bredcowski copied the relevant files to a 1GB memory stick protected by the SafeGuard Data Exchange solution. All data being stored on the memory stick was automatically encrypted, protected by a secure password that Bredcowski previously assigned.
The loss of his wallet in the restaurant parking lot turned out to be a personal tragedy; but the driver who stole both the wallet and the memory stick had no way to access any of the data files because they were encrypted. Although Bredcowski reported the loss to his supervisor, no action was taken because the data on the memory stick was securely protected. For several months afterward, Bredcowski had to deal with fraudulent charges on his credit cards; but the good customers at Company B were protected from the potential revelation of their personal information and the company maintained its strong reputation.
SafeGuard Data Exchange provides security-to-go for all forms of removable media. As a reasonable precaution against loss or theft, this solution ensures consistent, effective protection of commonly used media storage devices in your company. To ensure that confidential information remains confidential, you can configure SafeGuard Data Exchange to prevent any sensitive data from leaving the company on a removable medium without first being encrypted. As an additional measure of protection, access to any unencrypted data stored on removable media can simply be denied.
Scenario three: The insider threat
Wendy Profolo had been working as a contract software developer since her mid-twenties, and her proficiency and integrity gained her a good deal of trust. In her new assignment for Company C, she was quickly provided network access and her manager was pleased to see her making steady progress on the coding project she had been given. What her manager did not know was that Profolo had a serious gambling problem and had become proficient at finding ways to exploit information extracted from a company server to cope with her rising gambling debts.
Within two weeks, Profolo managed to modify her access privileges, scour the network file structures to retrieve a dozen corporate credit card numbers, gather personal information about the executive board that might later prove useful, accumulate financial records that she thought might be sold to a Taiwanese competitor of Company C and steal the source code for a revolutionary new product that the company was developing. Profolo was caught one evening as she was trolling through the human resources files by one of the janitors, who was startled to see his name up on her screen and immediately reported her to her supervisor. Profolo is serving time at a minimum-security prison and, as a result of this experience, Company C currently relies on encryption to protect sensitive resources stored on corporate servers.
Threats from insiders—whether contractors working on software code, disaffected administrators acting maliciously or rogue personnel with unknown agendas—are among the most insidious data threat scenarios. The
2008 CSI Computer Crime and Security Survey reports that insider abuse ranks among the top two concerns, with 44% of the security professionals who responded citing the threat.
A comprehensive data protection strategy should address this potential risk and find techniques to mitigate it.
First, consider the range of assets that insiders theoretically can view or access, and then employ decisive measures to secure these assets against unauthorized viewing. This may include file access on internal LANs, server content that is accessible to insiders and information stored casually on workstations or notebooks physically accessible on desks and tables within a facility.
Solution: SafeGuard LAN Crypt
Before Company C hired Wendy Profolo, a savvy manager in the software engineering group procured a trial copy of SafeGuard LAN Crypt. Impressed by the capabilities of the software application, the manager purchased and installed a licensed version of the product. Following Profolo’s hiring, despite a progression of attempts to penetrate the encrypted server contents, she eventually realized that there was no possible way to access protected files and folders on the LAN.
Given this situation, Profolo was forced to confront her problem and her supervisor helped her gain admission to a 12-step gambling addiction program, which successfully brought her problem under control. Profolo has bounced back and focused her skills on application design, recently becoming a valued, full-time employee of the company.
SafeGuard LAN Crypt prevents confidential information stored on company servers from being viewed by anyone without the appropriate authorization. In any organization where insiders have potential access to the contents of servers, encryption provides an effective means of guarding sensitive information from prying eyes.
Embracing a 360° approach to data protection
As discussed throughout this paper, maintaining data privacy and confidentiality is an essential component of any data security strategy designed to contend with today’s data threats. With a suite of data security solutions based on advanced encryption technology, Sophos products directly address the three stages in the data life cycle: the endpoint or the back end (data at rest), during transmission (data in motion) and during processing (data in use). The prevailing model of the open enterprise—where mobile workers, removable media and increased networking generate new threats—requires a strategy that aligns business practices with full, comprehensive data protection.
Central management and oversight of data protection measures give organizations a means to ensure that the security policies in force are enacted consistently throughout the organization. SafeGuard solutions combine central management with the key security components to provide a unified approach to data protection—an important factor in countering data threats.
What are some points/argument supporting copyright and piracy?
For a school project i need to outline what sort of things support copyright and piracy. I can hardly find any points supporting it as most of the websites are against it.
I could really use help!!
even if it is just an opinion it would help and you would get at least 2 points.
I mean against copyright….. everthing opposite
Watching Internet Tv – A Brief Summary
There has been a lot of interest in watching TV on the internet in the past few years. In accordance with that, there is also so much information about this subject on the internet that one may end up confused about what it is all about. This article aims at clearing up all that confusion & providing some useful information regarding internet TV.
There are 3 ways to start watching TV on the computer.
TV Tuner Card (also called as PCTV card or DirecTV cards)
This is the method of watching TV on the computer that most people may be familiar with. Basically, what one has to do is buy a credit-card sized device from computer hardware shops & plug it into the PCI slot in the motherboard or in the USB port. Then, appropriate software such as Pinnacle Media Center has to be purchased & installed on the computer. Then the software interlinks the cable TV service with the computer thus enabling you to watch TV on the Computer.
Let’s look at what kind of tools we will need & also the cost factor. These cards can be bought off eBay, or other online trading sites. They can also be picked off the shelf of a computer hardware shop. Along with the software that needs to be installed, the installation costs can easily exceed $300. Some of you may also be using illegal software without getting caught. However, this won’t work with Watching TV using this method as TV Providers such as ESPN are constantly taking measures to cut out piracy & once they come to know that what you are doing is illegal, they may immediately take the channel off-air. Don’t even bother to listen to people who offer unencrypted DirecTV cards to watch Internet TV as the chances of getting caught while doing so are extremely high.
Free Internet TV
Doing a Google search for this will let you know that there are many sites such as wwitv, beelinetv, free-internet-tv.org, channelking.com that offer thousands of channels for watching TV on the internet. But upon usage, one will realize that most of the channels that one really wants to see (such as ESPN, Discovery etc.) aren’t being aired. Besides, the quality of the streaming isn’t all that great either. So, it’s not really an ideal option unless you are getting the kind of channels you want. However, the advantage of this over TV tuner cards is that you are spending nil. But the disadvantage is that you don’t get the channels that you actually want. So let’s take a look at the third option.
Watch TV on the Internet
This is the most popular method to watch Internet TV & has a rising trend. You can say that it is a mix of the first 2 methods. You get most of the extremely popular channels & you get very good quality content. And what’s more? It’s perfectly legal & does not infringe any sort of copyrights. This method of watching TV really works since it is also cost effective. For less than $50 you’ve got yourself an awesome piece of software that can make your TV experience a great deal better. Besides you even get free bonuses such as unlimited movie downloads, ipod converters etc.
The Verdict – Among the 3 methods, the 3rd method easily wins in all areas. Though you won’t have the kind of quality that you get with Cable TV, if you are a frequent traveler or spend a lot of time in front of your PC, then watching TV on the Internet is perfect for you.