By Gary Shottes, President, Ipswitch File Transfer Division
You cannot pick up a newspaper today or view a news website without reading about the latest incident of a mass data breach. The financial loss associated with a company’s data breach is potentially huge, not only destroying an organisation’s reputation, but also putting the security of its customers or clients at risk.
Data loss has become a contentious issue over the past year, particularly since the revelation that HM Revenue & Customs managed to lose 25 million child benefit claimants’ details on two CDs a year ago. This dramatically positioned the issue into the public eye and instigated a sudden flurry of media interest and further revelations. Even more worryingly, a recent government review concluded that instances such as the HMRC’s loss were ‘entirely preventable’.
The HMRC were also found accountable this year for risking approximately 15,000 Standard Life customers’ details when the compact disc containing the information got lost en route from their offices in Newcastle to the company’s headquarters in Edinburgh. In another instance, the personal data of around one million bank customers from three different companies, including Royal Bank of Scotland (RBS) and its subsidiary, NatWest, were found on a laptop sold on eBay. This contained information including account details, signatures, mobile phone numbers and family details. In November, IT professionals compromised confidential patient data by leaving a memory device in the street, whilst the BNP’s membership list was subject to unauthorised publication.
These are just some of the more high profile cases that have actually been revealed. Many companies experience data breaches yet fail to tell their clients, let alone the authorities or police. The reason for this is due to the fact that the majority of companies realise they would expect to lose customers immediately, on a massive scale, if a data breach was revealed.
However, many individuals and businesses believe that repeated data breaches should become a criminal offence. Making banks and businesses accountable for data breaches is something that the National Consumer Council (NCC) has been petitioning for recently. The reckless loss of data actually became a civil offence earlier this year and the Information Commissioner's Office has recently been given more powers to fine offending private and public-sector organisations.
As more and more electronic data is collected and stored on company networks, the chances of mismanaging and losing the data, especially when it is being transferred, is inevitable, unless controls and systems are put in place. Too many employees are not aware of the risks involved in transferring sensitive data, especially to portable devices such as memory sticks as well as information attached to unencrypted emails. Companies are moving more files than ever before and there is often an oversight of compliance and regulatory issues.
Security experts agree that employees not only need to change the way that they handle data but they also need to invest in software capable of controlling the movement. This software has actually been available for quite a number of years though; secure file transfer. It is quite incredible how companies moving vast amounts of data are not using this simple, yet highly effective technology. There is little cutting edge about secure file transfer, but is slowly repositioning from an old technology knows as FTP or File Transfer Protocol to a more secure, more integral solution used by thousands of companies and businesses.
Once the system is in place, data can easily be uploaded and accessed by authorised personnel, essentially eradicating the possibility of theft or loss of a disc, laptop, memory stick or other storage device. File transfer also provides the ability to encrypt files making it even harder for data breaches.
Hospitals, retail outlets and insurance companies are also discovering the benefits of using these products to securely transfer data, especially with the size of the data being transferred and the ease of which transfers can be automated.
The solution is intuitive, easy-to-use, secure and very cost effective, which is extremely important for the majority of businesses. Once companies start utilising secure file transfer systems, they often wonder why they haven’t implemented them earlier.
Ipswitch, Inc. is exhibiting at Infosecurity Europe 2009, Europe’s number one dedicated Information security event. Now in its 14th year, the show continues to provide an unrivalled education programme, the most diverse range of new products & services from over 300 exhibitors and 12,000 visitors from every segment of the industry. Held on the 28th – 30th April 2009 in Earls Court, London this is a must attend event for all professionals involved in Information Security. www.infosec.co.uk
Source: InfosecurityPR
<>