This Best Practice is part of a collection of advice provided by information technology professionals on how they have solved various challenges, and addressed IT priorities within their organizations.

Company: FN Manufacturing

Challenge:

Makers of M16 assault rifles, FN Manufacturing still faced a common IT challenge: managing laptops. Employees frequently travel for work, and they take along laptops containing sensitive data. As more and more employees rely on laptops as their main workplace computer, volumes of information that used to remain in the office are increasingly put at risk.

As with many security problems, laptops pose the dilemma of balancing productivity and risk. Of course, traveling employees are far more productive if they have workplace applications and information at their disposal. However, what is good for productivity is often bad for security. Laptops that travel are exposed to more risks. They get left behind in taxis, airplane cabins, restaurants and coffee shops, and every now and again they are exposed to hackers when they connect to poorly secured public networks. Another emerging risk is that of the targeted attack. More and more phishing attacks focus on specific individuals and companies, rather than simply casting a wide net and seeing what turns up.

It is critical for traveling laptops to have the same level of security as PCs within the workplace; otherwise the data on those laptops is at risk. According to the U.S. Commerce Department, intellectual property theft costs U.S. business about $250 billion each year, while also slashing nearly 750,000 jobs from the U.S. economy.

FN Manufacturing, LLC, knew that it needed to address this problem. The company is a precision machining manufacturer specializing in the production of small firearms. Located in Columbia, SC, the company supplies arms to the U.S. military and law enforcement.

At first glance, FN Manufacturing doesn’t seem to be a prime candidate for a new class of data security. After all, they don’t have large consumer databases, such as those common at healthcare, financial, and retail organizations, and while any military information can be considered sensitive, the weapons they supply are fairly standard.

However, in the manufacturing sector, as in much of the twenty-first century U.S. economy, information is the lifeblood of the business, and a data breach could bring serious trouble.

“There is a lot of sensitive data on our laptops,” said Olivier Vanderstraeten, FN Manufacturing’s network security systems manager. “Besides the employee’s own personal information, there are often product drawings and schematics. These are highly confidential.”

Often times, it may not even necessarily be the design of the product that is sensitive, but the way it is made. The machining process itself could be confidential, and in an industry that relies so completely on a single customer – the U.S. military – even slight incremental advantages are critical. Losing information to a competitor, who could then outflank and perhaps under-bid you, could be a disaster.

Another highly sensitive type of information is customer information. This isn’t the privacy related information involved in most breaches, but the kind of customer data critical to ongoing supplier-buyer relationships. Contract specifics, contact lists, deal terms, and even the due dates for contracts are all details best kept in-house.

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine