Tag Archives: Mr Dyhouse

Portable devices pose biggest risk to data security in 2011

A UK think tank has concluded that the prevalence of portable storage devices and mobile phones will be the biggest headache for those who want to protect data and ensure total system security over the coming 12 months.

The Digital Systems Knowledge Transfer Network has made this announcement, with director, Tony Dyhouse, saying that devices capable of storing data in a portable form factor, will allow cybercriminals the opportunity to exploit new security weaknesses in 2011.

It is not just the data storage abilities of these devices but also the fact that they can connect to wireless networks that makes them vulnerable, according to Mr Dyhouse.

He expects hackers to find new ways of hijacking the data being sent and received over Wi-Fi and Bluetooth, allowing criminals to act in a clandestine manner which is difficult to detect, while harvesting significant amounts of information.

Mr Dyhouse believes that the average user needs to wise up to the potential threats posed by using this type of device. He said that the firms which provide portable gadgets will not take responsibility for the security in the event of data loss and, as such, it is down to the end user to act as ultimate guardian of the details stored within.

The potential for human error to result in data loss or even for users to become complicit in data theft, is of great concern among security professionals and the think tank is urging organisations to make employees take responsibility for how they use portable devices.

Mr Dyhouse emphasised the fact that he is not expecting every user to become an expert in data protection overnight, but, instead, is seeking an improvement in the general level of understanding with regards to how cybercriminals operate and how they leverage social engineering to prey on their victims.

Mr Dyhouse told Infosecurity Magazine, that the government’s pledge of investing £650 million to help combat the threat of cybercrime was a positive step, but that when compared to the losses suffered by businesses, it is a fraction of what is required.

Experts criticise lax UK data privacy regulations

The adequacy of laws protecting the privacy of data in the UK have been brought into question by experts at a conference, with the implication being that other European nations have tougher regulations and better levels of data privacy.

The exponential and perpetual increase in the volume of private data being stored by businesses and organisations of all types is leading to growing concern amongst data protection specialists and privacy campaigners. The Fine Balance 2010 conference which took place last week saw criticism levelled at the way in which the UK manages data.

Various key figures from the UK were present, including representatives from the NHS and the Information Commissioner’s Office (ICO). In previous years the event has dealt with high profile data losses, but in 2010 it has examined whether current regulations are capable of ensuring adequate protection for sensitive data.

Various experts from both technical and legal disciplines spoke about the UK’s perceived lack of consistency when it comes to protecting private data, which many believe to compare poorly with other countries in the EU.

The coalition government’s removal of ID Cards received a positive response from data security expert Tony Dyhouse. However, Mr Dyhouse was sceptical as to whether the ICO had been given enough power to adequately tackle the threats to private data, whether it be a lack of culpability amongst businesses or an uninformed public.

Privacy campaigner Simon Davies highlighted what he believed to be the ICO’s lack of authority by pointing to the recent data harvesting carried out by Google via its Street View vehicles, which led to heavy repercussions from its contemporaries in Germany, France and elsewhere in Europe. The ICO decided to cancel a formal investigation into the matter because Google said that the collection had occurred accidentally.

Mr Davies said that after talking to an anonymous Google engineer he is convinced that the likelihood of the data being captured over an extended period without Google’s knowledge is extremely low.

The ICO’s Jonathan Bamford took a different stance at the conference, saying that a greater degree of responsibility for data security must be accepted by the individual.

Data loss prevention inadequate, says expert

Data security expert Tony Dyhouse has called for public and private sector organisations to radically change the way in which they deal with data protection and backup. Writing for V3.co.uk Mr Dyhouse proposed that the creation of a culture of constant data security can be the only solution to the continual stream of data loss incidents.

The embarrassment and the damage caused by data theft and loss has weakened public trust in a whole host of organisations in recent months, with thefts from within St Albans City Council and a pair of NHS premises cited by Mr Dyhouse as symptomatic of the wider problem.

Mr Dyhouse said that the main problem is not occurring at the level at which most IT managers typically focus their attention; namely the security and encryption of networks and data storage systems themselves. Rather, it is rather simplest steps that are overlooked, allowing data to leak through channels that should be plugged.

In his article Mr Dyhouse suggests that the main reason for data security being demonstrably inadequate in many businesses is that there is simply not enough being done to reinforce the importance of proper protection and storage techniques with the relevant people in these organisations.

The argument extends beyond the protection of data alone, with Mr Dyhouse adding that if data is stored on a single hard drive rather than remotely on a unified server system, there is no way of knowing whether adequate backup and updates are taking place. With private information relating to millions of customers handled by certain organisations, the policies that those in charge implement in order to keep the data safe are seen to be disproportionate to the size of the risk which is posed by loss or theft.

The Information Commissioner’s Office (ICO) outlines the key strategies that businesses and public organisations are encouraged to employ in order to ensure that they are able to adequately address the threats that face their data. However, Mr Dyhouse believes that in a majority of cases these are being ignored.

The proposed solution can only be effective if proper data security and backup practices are made a mandatory part of daily life, with contingencies in place to deal with any event may breach the established rules.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal