25. m\u00e1ja vch\u00e1dza v\u00a0platnos\u0165 smernica GDPR. Mnoho in\u0161tit\u00faci\u00ed pon\u00faka komplexn\u00e9 rie\u0161enia pre firmy a p\u00fdta si za ne horibiln\u00e9 sumy, dokonca aj za \u010dasti, kde sa d\u00e1 pomerne ve\u013ea u\u0161etri\u0165. Nasleduj\u00faci \u010dl\u00e1nok nebude o komplexn\u00fdch rie\u0161eniach, ale len o malom zlomku z problematiky GDPR. Ako u\u0161etri\u0165 potrebn\u00e9 za drah\u00e9 licencie pre softv\u00e9rov\u00e9 \u200b\u200bza\u0161ifrovanie pri pren\u00e1\u0161an\u00ed d\u00e1t?<\/p>\n
Flash pam\u00e4te s\u00fa pre n\u00e1s \u00faplne be\u017en\u00e9 m\u00e9dium, ale m\u00e1lokto si uvedomuje, ako zranite\u013en\u00e9 toto m\u00e9dium je. Nos\u00edme na nich fotky, dokumenty, z\u00e1lohy, aj datab\u00e1zy a nedoch\u00e1dza n\u00e1m, \u017ee aj tieto d\u00e1ta bud\u00fa musie\u0165 by\u0165 zabezpe\u010den\u00e9. Sta\u010d\u00ed niekde zabudn\u00fa\u0165 polo\u017een\u00fd flash disk, alebo si nev\u0161imn\u00fa\u0165, \u017ee n\u00e1m vypadol pri vyberan\u00ed k\u013e\u00fa\u010dov z vrecka a probl\u00e9m je na svete. Viac ako 99% predan\u00fdch USB flash diskov zna\u010dky Kingston nie je zabezpe\u010den\u00fdch (vi\u010f. obchodn\u00e9 v\u00fdsledky Kingston v\u00a0\u010cR\/SR za rok 2017). V z\u00e1padnej Eur\u00f3pe je pomer mnohon\u00e1sobne vy\u0161\u0161\u00ed v prospech zabezpe\u010den\u00fdch diskov. Firma Kingston v roku 2017 spolo\u010dne s firmou ESET uskuto\u010dnila prieskum t\u00fdkaj\u00faci sa flash pam\u00e4t\u00ed a spolo\u010dne do\u0161li k \u0161okuj\u00facim z\u00e1verom. A\u017e tretina \u010cechov sa stretla so stratou alebo kr\u00e1de\u017eou svojej „flashky“. Ka\u017ed\u00e1 t\u00e1to strata m\u00f4\u017ee znamena\u0165 horibiln\u00e9 pokuty, ak boli na pam\u00e4\u0165ovom \u010dipe v zariaden\u00ed ak\u00e1ko\u013evek citliv\u00e9 alebo d\u00f4vern\u00e9 d\u00e1ta.<\/p>\n
Ako zabezpe\u010di\u0165 d\u00e1ta na cest\u00e1ch?<\/strong><\/p>\n Ka\u017ed\u00fd ob\u010das nejak\u00e9 d\u00e1ta potrebujeme prenies\u0165. Iste, ak sa jedn\u00e1 o osobn\u00e9 fotky z dovolenky, asi nemus\u00edme rie\u0161i\u0165 \u0161ifrovanie. Ak sa ale na pam\u00e4ti nach\u00e1dza napr\u00edklad zoznam kontaktov na dod\u00e1vate\u013ea alebo obchodn\u00e9 kontakty, fakt\u00fary a v podstate \u010doko\u013evek pracovn\u00e9ho, \u200b\u200brie\u0161i\u0165 by sme to mali. Ka\u017ed\u00e1 pracovn\u00e1 flash pam\u00e4\u0165 by mala by\u0165 zabezpe\u010den\u00e1. Softv\u00e9rovo, alebo hardwarovo. Pod\u013ea uoou.cz pam\u00e4te nemusia by\u0165 povinne za\u0161ifrovan\u00e9, ale silno sa to odpor\u00fa\u010da, preto\u017ee za\u0161ifrovan\u00e1 straten\u00e1 pam\u00e4\u0165 sa nepova\u017euje za tak ve\u013ek\u00e9 bezpe\u010dnostn\u00e9 riziko a pod\u013ea \u00farovne zabezpe\u010denia pam\u00e4te sa tak\u00fd incident ani nemus\u00ed hl\u00e1si\u0165.<\/p>\n Softv\u00e9rov\u00e9 \u200b\u200ba hardv\u00e9rov\u00e9 \u200b\u200b\u0161ifrovanie<\/strong><\/p>\n To je asi k\u013e\u00fa\u010dov\u00e1 ot\u00e1zka pre ka\u017ed\u00fa firmu alebo podnikate\u013ea. Obe rie\u0161enia maj\u00fa svoje pre i proti a sk\u00fasime si je teraz vysvetli\u0165. Softv\u00e9rov\u00e9 \u200b\u200b\u0161ifrovanie v podstate po zadan\u00ed hesla umo\u017en\u00ed za\u0161ifrova\u0165 d\u00e1ta alebo cel\u00fa pam\u00e4\u0165 zariadenia. Jednozna\u010dnou v\u00fdhodou je mo\u017enos\u0165 pou\u017ei\u0165 existuj\u00face flash pam\u00e4te. Tak\u00e9to softv\u00e9ry s\u00fa v\u00e4\u010d\u0161inou platen\u00e9 a potrebuj\u00fa licenciu, ktor\u00e1 sa zvy\u010dajne obnovuje na ro\u010dnej b\u00e1ze. S\u00fa rozli\u010dn\u00e9 a niektor\u00e9 m\u00f4\u017eu by\u0165 problematick\u00e9, pokia\u013e ide o integr\u00e1ciu do existuj\u00facich firemn\u00fdch programov. V pr\u00edpade cielenej kr\u00e1de\u017ee d\u00e1t potom je potom situ\u00e1cia pre \u00fato\u010dn\u00edka \u013eah\u0161ie, preto\u017ee m\u00f4\u017ee skop\u00edrova\u0165 d\u00e1ta medzi viacer\u00fdmi pam\u00e4\u0165ou a sna\u017ei\u0165 sa prelomi\u0165 \u0161ifru naraz na nieko\u013ek\u00fdch strojoch. Najslab\u0161\u00edm \u010dl\u00e1nkom ale nie je samotn\u00e1 \u0161ifra, ale u\u017e\u00edvate\u013e. Laxnos\u0165, lenivos\u0165 a nutnos\u0165 pravideln\u00e9ho \u0161ifrovanie m\u00f4\u017ee u mnoh\u00fdch zamestnancov vies\u0165 k ignorovanie tohto postupu alebo jeho obch\u00e1dzanie. Rolu hr\u00e1 aj prost\u00e9 opomenutia. Hardv\u00e9rov\u00e1 \u0161ifra nezab\u00fada. V\u0161etky d\u00e1ta id\u00fa skrz \u0161ifrovac\u00ed \u010dip priamo vo vn\u00fatri pam\u00e4te a pred ulo\u017een\u00edm na samotnej m\u00e9dium sa za\u0161ifruj\u00fa automaticky. U\u017e\u00edvate\u013e iba po pripojen\u00ed zad\u00e1 svoje heslo a nemus\u00ed sa o viac stara\u0165. V\u0161etko sa deje automaticky. Nev\u00fdhodou je obstar\u00e1vacia cena, ktor\u00e1 je o nie\u010do vy\u0161\u0161ia ako u neza\u0161ifrovan\u00fdch pam\u00e4t\u00ed. Av\u0161ak pri dlhodobej\u0161om pou\u017e\u00edvan\u00ed u\u017e\u00edvate\u013e u\u0161etr\u00ed, preto\u017ee nemusia ka\u017ed\u00fd mesiac \/ rok plati\u0165 za licenciu. Pri cielenom \u00fatoku je potom \u00fato\u010dn\u00edk v probl\u00e9me, \u017ee nem\u00e1 ako d\u00e1ta skop\u00edrova\u0165 a musia pou\u017e\u00edva\u0165 len jedno zariadenie. Jeho obsah sa navy\u0161e pri nieko\u013ek\u00fdch zle zadan\u00fdch hesl\u00e1ch vyma\u017ee.<\/p>\n Rie\u0161enia pre podnikanie v\u0161etk\u00fdch ve\u013ekost\u00ed<\/strong><\/p>\n V portf\u00f3liu firmy Kingston si vyberie ka\u017ed\u00fd, kto chce svoje d\u00e1ta chr\u00e1ni\u0165. Nem\u00e1 zmysel, aby mal\u00ed podnikatelia, \u017eivnostn\u00edci alebo firmy s nieko\u013ek\u00fdmi zamestnancami investovali do dedikovan\u00e9ho servera za tis\u00edce dol\u00e1rov. Ve\u013emi dobre im posta\u010d\u00ed napr\u00edklad DataTraveler2000. T\u00e1to pam\u00e4\u0165 je vhodn\u00e1 najm\u00e4 pre advok\u00e1tov, lek\u00e1rov, majite\u013eov obchod\u00edkov a rad \u010fal\u0161\u00edch profesi\u00ed. Jednoduch\u00e1 fyzick\u00e1 kl\u00e1vesnica na povrchu odoln\u00e9ho tela z kovovej zliatiny sl\u00fa\u017ei na odomknutie flash pam\u00e4te a po vlo\u017een\u00ed do po\u010d\u00edta\u010da alebo ak\u00e9hoko\u013evek in\u00e9ho zariadenia umo\u017en\u00ed nahra\u0165 ak\u00e9ko\u013evek d\u00e1ta. Po vysunut\u00ed sa automaticky sama ihne\u010f zamkne a do nov\u00e9ho zadania pinu zostan\u00fa d\u00e1ta za\u0161ifrovan\u00e9. Po desiatich zl\u00fdch pokusoch sa sama vyma\u017ee.<\/p>\n Stredn\u00e9 firmy a rozsiahlej\u0161ie rie\u0161enie<\/strong><\/p>\n V\u00e4\u010d\u0161\u00edm firm\u00e1m viac ako s desiatimi zamestnancami potom Kingston pon\u00faka hlavne DataTraveler4000G2 alebo VaultPrivacy 3.0. Nutnos\u0165 vybavi\u0165 viac zamestnancov zabezpe\u010den\u00fdm m\u00e9diom so sebou toti\u017e nesie aj potrebu vies\u0165 evidenciu t\u00fdchto zariaden\u00ed. V\u010faka tomu, \u017ee m\u00e1 ka\u017ed\u00e1 flash pam\u00e4\u0165 unik\u00e1tne s\u00e9riov\u00e9 \u010d\u00edslo, je \u013eahko pou\u017eite\u013en\u00e1 do firemn\u00e9ho syst\u00e9mu. Od p\u00e4\u0165desiatich kusov potom Kingston pon\u00faka i rie\u0161enie na mieru pre firmu. Hlavn\u00fdmi argumentmi pre tieto rie\u0161enia s\u00fa vlastn\u00e9 logo, nastavenie dial\u00f3gov\u00fdch okien po pripojen\u00ed pam\u00e4ti, zlo\u017eitos\u0165 vy\u017eadovan\u00e9ho hesl\u00e1 aj \u010fal\u0161\u00edch faktorov, ako po sebe id\u00face s\u00e9riov\u00e9 \u010d\u00edsla, ktor\u00e1 u\u013eah\u010d\u00ed pr\u00e1cu v device managementu. DataTraveler4000G2 je iba v managovate\u013en\u00fd variante, VaultPrivacy 3.0 m\u00e1 variant samostatn\u00fa aj s mana\u017ementom. Management prebieha cez port\u00e1l a prostredie SafeConsole.<\/p>\n Ve\u013ek\u00e9 firmy<\/strong><\/p>\n Pr\u00e1ve management zariadenia na dia\u013eku je t\u00fdm hlavn\u00fdm, pre\u010do ve\u013ek\u00e9 firmy vyu\u017e\u00edvaj\u00fa t\u00fato mo\u017enos\u0165. SafeConsole d\u00e1va mo\u017enos\u0165 spr\u00e1vcovi vyn\u00fati\u0165 mnoh\u00e9 pravidl\u00e1 a pr\u00edpadne flash pam\u00e4\u0165 vzdialene znehodnoti\u0165 alebo uzamkn\u00fa\u0165. Umo\u017e\u0148uje napr\u00edklad zada\u0165 pravidlo, \u017ee sa flash pam\u00e4\u0165 mus\u00ed pred ka\u017ed\u00fdm odomknut\u00edm skryto pripoji\u0165 k serveru a skontrolova\u0165 svoj stav. A ten vie administr\u00e1tor na dia\u013eku nastavi\u0165. Napr\u00edklad vie na flash pam\u00e4\u0165 posla\u0165 odkaz, \u017ee je pam\u00e4\u0165 straten\u00e1 a uzamknut\u00e9, a ak ju niekto n\u00e1jde, pripoj\u00ed do po\u010d\u00edta\u010da, potom sa mu zobraz\u00ed spr\u00e1va, kam ju m\u00e1 vr\u00e1ti\u0165. Umo\u017e\u0148uje tie\u017e napr\u00edklad vyn\u00fati\u0165 pou\u017e\u00edvanie len v ur\u010denej sieti alebo lokalite. Ak pou\u017e\u00edvate\u013e zabudne heslo, umo\u017en\u00ed to administr\u00e1torovi posla\u0165 pr\u00edkaz k obnove a pou\u017e\u00edvate\u013e si zad\u00e1 heslo nov\u00e9.<\/p>\n Extr\u00e9mne zabezpe\u010denie<\/strong><\/p>\n Pre vl\u00e1dny sektor, arm\u00e1dne zlo\u017eky a in\u0161tit\u00facie s nutnos\u0165ou extr\u00e9mneho zabezpe\u010denia, ako banky, m\u00e1 Kingston svoju najvy\u0161\u0161iu rad, IronKey. Flash pam\u00e4\u0165 m\u00e1 najvy\u0161\u0161iu certifik\u00e1cie a pevn\u00e1 schr\u00e1nka bezpe\u010dne chr\u00e1ni elektroniku vn\u00fatri. Keby sn\u00e1\u010f niekto chcel schr\u00e1nku otvori\u0165 a \u010dip odp\u00e1jet, ten sa pri prvom pokuse o otvorenie roztrhne. IronKey m\u00e1 svoju vlastn\u00fa formu mana\u017ementu, ktor\u00e1 je e\u0161te \u010faleko detailnej\u0161ie ne\u017e \u0161tandardn\u00e9 SafeConsole. Naviac umo\u017e\u0148uje aj in\u0161tal\u00e1ciu vlastn\u00e9ho rackov\u00e9ho servera priamo ku klientovi, ku ktor\u00e9mu sa bude ka\u017ed\u00e1 flash pam\u00e4\u0165 hl\u00e1si\u0165. V extr\u00e9mnom pr\u00edpade m\u00e1 mana\u017ement IronKey aj funkciu zvan\u00fa „silver bullet“, teda strieborn\u00e1 gu\u013eka. V situ\u00e1cii, kedy firma zist\u00ed, \u017ee jej zamestnanec skop\u00edroval zo siete citliv\u00e9 d\u00e1ta a odn\u00e1\u0161a ich konkurenciu, m\u00f4\u017ee pam\u00e4\u0165 na dia\u013eku zmaza\u0165. Pam\u00e4\u0165 sa bez kontroly cez internet neotvor\u00ed a s prvou kontrolou zlikviduje cel\u00fd \u010dip vn\u00fatri (tzv. „Brickne“ zariadenia). Niet teda divu, \u017ee tieto pam\u00e4te maj\u00fa certifik\u00e1ciu NATO a rad\u00ed sa medzi najlep\u0161ie svojho druhu v\u00f4bec. U rady IronKey300 je aj model bez vzdialenej spr\u00e1vy a ten m\u00f4\u017eu pou\u017e\u00edva\u0165 jednotlivci ako bankov\u00fd poradcovia, IT experti aj t\u00ed, \u010do po\u017eaduj\u00fa maximum.<\/p>\n Flash pam\u00e4te sa str\u00e1caj\u00fa a bud\u00fa sa str\u00e1ca\u0165 aj na\u010falej. A tie\u017e sa bud\u00fa aj na\u010falej sa pou\u017e\u00edva\u0165 … Ale! Budeme musie\u0165 prem\u00fd\u0161\u013ea\u0165 nad ich pou\u017e\u00edvan\u00edm a zabezpe\u010den\u00edm.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" 25. m\u00e1ja vch\u00e1dza v\u00a0platnos\u0165 smernica GDPR. Mnoho in\u0161tit\u00faci\u00ed pon\u00faka komplexn\u00e9 rie\u0161enia pre firmy a p\u00fdta si za ne horibiln\u00e9 sumy, dokonca aj za \u010dasti, kde sa d\u00e1 pomerne ve\u013ea u\u0161etri\u0165. Nasleduj\u00faci \u010dl\u00e1nok nebude o komplexn\u00fdch rie\u0161eniach, ale len o malom zlomku z problematiky GDPR. Ako u\u0161etri\u0165 potrebn\u00e9 za drah\u00e9 licencie pre softv\u00e9rov\u00e9 \u200b\u200bza\u0161ifrovanie pri pren\u00e1\u0161an\u00ed […]<\/p>\n","protected":false},"author":7,"featured_media":80138,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,42],"tags":[],"class_list":["post-82180","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bussiness","category-tech","eq-blocks"],"_links":{"self":[{"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/posts\/82180","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/comments?post=82180"}],"version-history":[{"count":1,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/posts\/82180\/revisions"}],"predecessor-version":[{"id":82181,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/posts\/82180\/revisions\/82181"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/media\/80138"}],"wp:attachment":[{"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/media?parent=82180"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/categories?post=82180"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.slovaklinesmagazin.sk\/cms\/wp-json\/wp\/v2\/tags?post=82180"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}