De Beers, Toronto, Ontario, Canada
Only when organizations practice information security can they prevent plans for critical projects from falling into competitor hands. This article discusses how the Canadian arm of global diamond-mining giant De Beers implemented a comprehensive data security plan to protect information about its 2007 effort to develop two new diamond mines. In doing so, it describes the challenges that the information security team faced in instituting an existing policy and adapting it to the local environment, Canada's legislative policies, and the prospecting initiative's requirements. It identifies De Beers's security tactics, including entire-disk encryption, a multi-leveled security gateway for accessing the corporate network, and software that monitors the locations of--and the changes made to--laptops used in the field. It then overviews the security protection system that De Beers Canada uses to defend its network against viruses, malware, spyware, adware, and intrusion.