Lock down your workstations with serious tech

The state of the art right now is two-factor authentication. Put simply, you need a password and a device, usually a smartcard or password generator, to get access to the corporate network. Using your ATM card and a PIN, for instance, is a kind of simple two-factor authentication.

I recommend: The next step up for networks is a security token, a keychain device that quickly generates passwords which must be used within a few seconds to work. Manufacturers of security tokens include Aladdin, Entrust, Actividentity, and RSA Security.

Review your mobile data on laptops and handheld devices

Everyone knows the story of the hapless government employee who left the laptop with millions of veterans' profiles on its hard drive in a taxicab. (It was recovered.) What most don't realize is that their key secrets are just as exposed.

I recommend: Control who has access to what on your employees' take-home computers and devices lockable memory from Safeboot and Utimaco.

Short on budget? Consider a folder or file lock device

A network-wide system is best, but small companies with limited funds should consider locking each machine individually or perhaps just key files or folders.

I recommend: Software to automate protection of key files is available from Deslock, Information Security Corporation, and PGP, now a big company but the original consumer encryption maker, once known as Pretty Good Privacy.

Lock the entry and exit points for total security

One of the bigger problems, until recently overlooked, isn't baddies trying to get in but the so-called "trusted path," a.k.a your own employees, who think nothing plugging keychain memory drives, digital music devices and other memory disks into their work computers as if they were at home.

I recommend: Besides viruses and such coming in, there's always a risk of important, even sensitive data walking out the front door on that iPod. A growing industry of endpoint security offerings includes eEye, Safend and Layton Technology.