Industry News

Come April 2010, The Information Commissioner’s Office will be able to issue fines of up to £500,000 for serious data security breaches. The size of the fine will be determined by factors including the size and finances of the organisation at fault, whether the breach was accidental or deliberate and how much damage the leak of information caused.

 

The new rule comes into action in the hope that it will encourage companies to comply more closely with the Data Protection Act.

This meant that connections to remote sites were cut off during the clean-up operation leaving Ealing council with a £501,000 bill for the emergency recovery and in lost revenue.

 

The events underline the fact that USB flash drives have become a key method for spreading viruses, suggesting that virus scanning has to extend beyond the PC to all types of removable storage. With this in mind, employees should be issued with company flash drives that include on-board anti-virus scanning.

Moving forward, Manchester City Council will have to conform to higher standards according to the Information Commissioner’s Office (ICO). They will have to ensure all laptops and other removable devices are encrypted and secure, allowing for only essential personal data to be downloaded to mobile devices.

 

This is not the first case a council has lost confidential data and have been urged to take responsibility to implement appropriate safeguards to ensure that personal details are secure.

Furthermore, many even admitted they would steal information from businesses if they were fired, such as customer databases, passwords, strategic plans and financial reports. This continued unauthorised access of confidential materials and data leakage can have serious implications on the company - customer relationships can be damaged, vital information can be leaked to competitors as well as the possibility of firms in breach of regulations.

 

Despite the much documented outsider threats to data security it is the threat from inside that poses the most risk. Data security is automatically put at severe risk just through an employee’s ability to access it.

Cyber security is a growing problem, yet organisations are having trouble addressing the problems due to inadequate staffing, increased regulatory pressures and insufficient budgets - staffing being the main issue. As a result, companies are moving towards a managed security service.

 

It seems managed security services is a solution for many organisations to bridge the security gap. With the ability to provide 24x7 coverage, lower overall costs, access to security expertise and an enhanced ability to mitigate security risks, organisations can feel confident that their information and assets are protected.