| |||||||||
| |||||||||
Current Filter: Security>>>>>Feature> Time to halt the Torrent Editorial Type: Industry Focus Date: 11-2014 Views: 3079 Key Topics: Security Key Companies: Sims Recycling Solutions Titania Wick Hill Skyhigh Networks Key Products: Data Leakage Prevention Key Industries: Education Health Retail | |||
| Stopping data leakage requires a robust chain of custody, with a high level of security, auditability and transparency that provides organisations with the visibility to track that information asset right across its lifecycle The past couple of years have been colourful on the data leakage front, with countless examples including 2 million user accounts breached at a mobile operator and 38 million accounts compromised at an IT services provider. Closer to home, a UK firm was fined £325,000 by the Information Commissioner's Office after hard drives containing patient data were sold on eBay by a contractor it employed to destroy them. As Dr Anand Narasimhan, director, Sims Lifecycle Services EU, comments: "High-profile leaks of data have become a regular headline in news publications across the world. Undervaluing the responsibilities associated with holding information on IT equipment is a common occurrence, resulting in worrying consequences for the companies involved. There are many sources of data leakage, he points out, the leading ones including: POS intrusions, Web App attacks, Insider misuse, Physical theft or loss, Crimeware, Card Skimmers, DoS attacks, and Cyber-espionage. While many businesses have secure policies and technologies to counter these challenges, established to ensure that data is safe within the business and when shared across technologies, what happens to data when IT assets leave their premises and their control?
FAILURE OF DUTY "In our work, we regularly handle POS devices, servers, computers, mobile devices and various flavours of removable media. We secure them, transport them, store them, wipe them, remarket them and destroy them, all of the time taking care to ensure that our clients can feel secure. Yet, in our industry, we typically go to work only when a client has a need for disposal. "What is needed is a significant shift in mindset, within our clients and in our industry, to a view of information as an asset whose life span extends well beyond the traditional viewpoint of data within a box, within a network, within an enterprise, that can be transported, handled, migrated, stored and destroyed by a network of providers." In other words, providers who can assure a chain of custody, offer a high level of security, auditability and transparency, and provide clients with the visibility needed to track that information asset anywhere in its lifecycle.
NONCHALANT APATHY There is a consensus in media that the retailer should be hung to dry for the sin of being breached, she adds. "But security is not a self-sufficient feature within the organisation; it is a complex systems consisting of people, processes and technology. In the real-world business environment, other factors come into play: supply chain, customers, suppliers, resellers, partners, subsidiaries and many more. As the risk map grows, so does the security responsibility."
| ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |