Home / Archives For confidential information

confidential information

Network-Based Attacks: How Much Can They Cost You?

Every business acknowledges that network security is critical. But how do you quantify the business value that a secure network provides? And how does an enterprise evaluate and justify investing in network security products like next-generation firewalls, intrusion prevention systems and unified threat management appliances? While there is no exact formula or “cost of attacks” calculator, there are some useful guidelines and research studies that can provide techniques and resources for IT managers to develop their own cost model. There are three core areas that are important for assessing the impact of network-based attacks and the “prevention value” of next-generation firewall technologies: Defining the different types of network-based attacks Understanding how those attacks can affect ......

Whose Email Is It Anyway?

Who owns an e-mail? This was the question facing the High Court recently when an employer challenged a former employee to handover e-mails exchanged in the course of his duties. The answer has led business to take steps to tighten up internal processes to protect the content of business emails – or face the consequences. The High Court’s judgement in Fairstar Heavy Transport NV v Adkins and another backed up earlier rulings in saying no one can claim the content of e-mails because property rights do not exist in information. This position is one no company using e-mail can afford to ignore. From a legal perspective, this judgement means that any contractual agreements, such as employment contracts, consultancy agreements or business contracts should include obligations about the use ......

Rain From The Cloud (And Some Sun At The End)

Cloud computing is changing the way in which computing and data communications operate. The availability of high speed low cost communications through fibre optics means that remote hosting of computing and IT applications is economically possible, and there are clear cost benefits for both users and providers. The migration from in-house computing to cloud has not been as fast as expected. Putting aside the usual over-optimism of marketing spread-sheets, what holds users back when they think about cloud adoption? Firstly, there is much conflicting hype in the market and many variations on which type of cloud – public, private, bare-metal, hybrid and so on, and the user must first find his way through all the hype. Then he must decide which applications to migrate. In general, applications......

Stop Stealth Cloud In Its Tracks

Businesses are failing to deliver the right mix of workplace IT services to their employees, which is fuelling a generation of maverick cloud users. Recent research by Computacenter has revealed that 8 out of 10 employees are signing up to consumer cloud solutions, such as DropBox and SkyDrive, to fill the gap in corporate IT. Stealth cloud is a major issue for organisations. Consumer cloud solutions are easy to access, simple to use and facilitate remote working. Given these attributes, it’s hardly surprising that nearly two-thirds of British workers want their day-to-day software provisioned via the cloud – and are prepared to take matters into their own hands if they don’t get it. This maverick approach has major security implications. The second an employee stores fil......

Spyware: The Next Generation

The world of IT continually creates new technologies and malicious software develops along with it. As we become more reliant on devices such as mobile phones, consoles and tablets, it is just a matter of time before hackers begin to focus on these technologies and develop tools that allow them to snoop on and steal the confidential information – including critical information you might have shared with someone daily. Mobile phones Spyware for mobile phones is actually quite common. So far these tools have been used for a few years by individuals, often in a relationship, to track the other person’s activity. An enterprising hacker though could take this a lot further. Your phone’s microphone could be used to record your telephone conversations. Does that sound farfetched? It’s not. The FB......

When Employees Leave Your Company, So Does Your Data

One in three (32%) employees have taken or forwarded confidential information out of the office on more than one occasion, according to a recent survey commissioned by information management company, Iron Mountain. When people change jobs, highly sensitive information is particularly vulnerable. The study showed that many employees have no qualms about taking highly confidential or sensitive documents with them when they leave – and most believe they’re doing nothing wrong. The survey discovered that half (51 per cent) of European office workers who take information from their current employer when they switch jobs – 44 per cent of those in the UK – are helping themselves to confidential customer databases, despite data protection laws forbidding them to do so. Along with databases, employ......

7 Tips To Avoid Computer Viruses On Valentine’s Day

Malware that uses events like Valentine’s Day, Christmas or Halloween as a lure to trick users and infect computers is now a well-established feature of the IT security calendar. Once again, this year it will be no surprise to see numerous emails in circulation with links for downloading romantic greeting cards, videos, gift ideas, or Facebook and Twitter messages related to Valentine’s Day. Social engineering is cyber-crooks’ preferred technique for deceiving users. In these cases it basically involves obtaining confidential information from users by convincing them to take a series of actions. Crimeware and social engineering go hand-in-hand: a carefully selected social engineering ploy convinces users to hand over their data or install a malicious program which captures information and ......

Employment Issues Relating To Social Media

Last week’s reports that an ex-employee from a US company is being sued ownership of his Twitter account and today’s story following the dismissal of a UK employee in relation to usage of LinkedIn highlights again the grey area in which social media operates. Employers have every right to seek to protect confidential company information by restricting LinkedIn and other profiles. Employers may regard information such as pay rates, details of customers, and business plans as confidential and may not want these to be posted on a public forum where competitors could see them. Employers commonly place restrictions on what employees can disclose outside the company and restrictions on a LinkedIn profile are a logical extension of this. The Twitter case in the US also focuses on the ......

What’s In Your Bin? How To Stop Document Disposal Causing Data Breaches

Disposal is not the same as destruction, as a recent UK study reveals that up to 40 per cent of London’s commercial bins contain confidential business documents. The study investigated bins located near a number of law firms, banks, hospitals and government agencies, discovering a concerning number of paper documents such as email print outs, letters and reports, many of which contained sensitive personal information. Every organisation develops processes to manage its information from the moment a new document is created, through periods of high activity (when many may need to access the document on multiple occasions) until its final destruction or long-term archiving. It is at the very end of this lifecycle that organisations appear to make mistakes. Document destruction is probably the......

How To Maintain Company Confidentiality Through Collaborative Working

If you’re an overworked IT manager, with an ever-expanding to do list and decreasing budget, I’d like to personally thank you for taking time out of your busy schedule to read this article. One reason that you find yourself increasingly busy in your day-to-day activity is probably down to your colleagues’ ever-changing IT requirements. Today’s fragmented workforce means document creation and distribution is a core activity for the majority of businesses, with workers frequently collaborating on and exchanging documents with colleagues, suppliers, partners, agencies, and customers remotely. This increasingly collaborative way of working means that business productivity and document security can be compromised. This trend is exacerbated by the consumerisation of IT, where employees are incre......

Are You Worried About Securing Your Big Data?

We are seeing a business phenomenon as a result of our reliance on all kinds of business data resulting in an explosion of information which we are aptly calling Big Data. It’s like music to the ears of storage vendors but is a reflection of the importance of how information is collected, processed, stored, searched (when you need to find something) and disposed of by businesses. Protecting corporate data is an emotive subject. Many IT Managers believe their data should be on computers located in their own offices and that they themselves are responsible for looking after it. Contrast this belief with that of CEO, CFO and CIO, all of whom would much rather their company data was stored in an expensively designed and well run data centre, if it is owned and run by a third party they can tru......

How Have 132 Local Councils Lost Our Private Data?

News has broken today that 132 local councils in the UK have lost private data, with more than 1,000 data loss incidents occurring since 2008. The report, released by Big Brother Watch following a number of freedom of information requests, also reveals that just 55 of these incidents were reported to the Information Commissioner’s Office (ICO). The UK public has little choice but to entrust local authorities with their personal data so the news that 132 councils have lost confidential information means this trust is being abused. Unlike the private sector, where customers can vote with their wallets and simply walk away from firms that lose their data, users of council services have no such freedom. It therefore becomes even more important that strict regulations are in place that both pre......