Guest Blog: Data Privacy Day - Is your security blanket intact?

Security

by | 28 January 2013

John Thielens, chief security officer for Axway writes for CBR on how to patch up holes in your business’ security blanket.

The consumerisation of IT in businesses is here to stay. At its latest Symposium, Gartner revealed that by 2016, two-thirds of the workforce will own a smartphone and 40 per cent of the global workforce will be mobile. With this in mind, failing to ensure second to none data security within a business in this day and age can prove as risky as walking a tightrope with no harness.

In order for businesses to meet the challenges around data privacy, they need to be aware of their surroundings. With an increasingly mobile workforce on their hands, many organisations today are operating in an open network; one that can be more vulnerable to threats that can damage corporate reputations. Not only this, but being more prone to data breaches means that businesses are putting themselves in the firing line of the likes of the Information Commissioner's Office (ICO), which has the power to hand out hefty fines for those found in breach of data privacy regulations. Granted, consumers have an obligation to watch out for the privacy of their personal information online. However, once a business gets its hands on that information they ultimately become the custodian of that private data, and have a duty to safeguard it. You only have to look at how this plays out publically to see how imperative it is to have proper information security processes in place. Take the Sony data breach last year, which lost 102 million customers' details in two separate attacks, for example.

Businesses must ensure they know exactly where their corporate and customer data is, who is accessing it, how they are accessing it, and what they are doing with it. With a steady flow of internet connected devices being launched on the market, more and more employees are able to access confidential corporate data remotely, often through external, unsecure networks. While employers are feeling the pressure to implement Bring Your Own Device (BYOD) schemes within the workplace and to make the most of the changing technology landscape, this needs to be coupled with policies and security measures that provide full visibility of where data is and who is accessing it at all times. This end-to-end visibility, together with proper BYOD policies, can be the difference between earned customer loyalty and irretrievable brand damage.

Another risk factor that businesses need to take into account is the lack of expertise in the workforce. There is already a pervading fear around how human error can compromise the security of data within an organisation. And human error can be costly. Just last year, Stoke-on-Trent City Council was hit with a £120,000 fine from the ICO when an employee accidently emailed sensitive information on a child protection case to the wrong person. To avoid these public pitfalls, businesses need to ensure they are investing in their workforce, equipping them with the skills and knowledge they need to ensure data isn't leaked as a result of unnecessary human error.

Enterprise uptake of cloud services and the move towards BYOD is changing the way businesses operate. It is creating a world of opportunity, cutting the costs of hardware investment and boosting flexibility for the entire workforce. Having said this, it's crucial that businesses understand that this new era of business comes with a new set of rules.

It's not all doom and gloom though. By analysing the network, identifying weak spots and taking the appropriate steps to mitigate risk, businesses can ensure data isn't compromised because of external threats or human error. By arming themselves with the right balance of knowledge and sound security tools today, businesses will ensure that their security remains airtight tomorrow.

 

John Thielens, chief security officer, Axway

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

755 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.