Tag Archives: Mr Lowe

Business smartphones suffer from data encryption deficit

A new study has found worrying evidence that a majority of smartphones used by businesses do not have any kind of encryption protecting the sensitive data which they store, leaving the door open for malicious parties to steal and corrupt corporate details and private information.

Seventy per cent of respondents to a survey carried out by security firm Check Point, said that the smartphones issued by their employers had no kind of encryption in place, while 87 per cent said that this extends across other portable storage solutions such as USB memory sticks.

The analysts claim that the study shows just how difficult it can be for IT departments to keep on top of device security, consequently making it much more difficult to counteract data loss, portable storage theft and unwarranted third party network access.

Two hundred and twenty people took part in the study and vulnerabilities were exposed in almost all of the businesses which they represent. The results are said to show that as workers move into operating more regularly in a mobile environment, the threats posed to data increase.

Many are attempting to step up efforts to stem the growth of potential data loss flaws by implementing the usage of secure VPNs on laptops, which was suggested by 52 per cent of respondents. Meanwhile, only 23 per cent said that they would be encrypting portable hard drives and a fifth said USB memory sticks would be getting encryption over the next 12 months.

Check Point’s Nick Lowe, said that because many businesses are going to increase the number of devices capable of storing data, the problems facing the security teams are becoming greater.

There is a general debate over who should be held responsible for the protection of data stored on a portable, mobile device, according to Mr Lowe.

Industry analyst Bob Tarzey, believes that with greater restrictions on personal device usage, many businesses will actually increase the number of employees who break regulations and so urges firms to employ sensible, inclusive practices, so that security can be assured without alienating the average employee.

Data protection deficit detected in UK corporate laptops

A study has found that a majority of laptops operated by corporations in the UK are not properly secured against data loss, theft or security breaches.

Security firm Check Point gathered data from 130 firms in the public and private sector and it concluded that a total of 52 per cent of laptops remain unencrypted and rife for exploitation by cybercriminals.

This figure is believed to be attributable to the fact that many organisations are pushing for widespread integration of personal devices, including employee laptops and smartphones, into corporate systems.

Fifty-five per cent of respondents said that personal devices were used by employees for work matters and 39 per cent asserted that, for the time being, there is no policy for adding to the security of these potentially hazardous additions.

Thirty-seven per cent of UK organisations have banned personal devices from being used for work, while 61 per cent have implemented restrictions on access from unapproved devices.

Check Point’s Nick Lowe explained that the findings of the survey are consistent with similar studies carried out over the preceding three years. This shows that encryption levels are stagnating and many firms are failing to recognise the potential for data loss or infection posed by the use of personal devices.

Mr Lowe implies that there is a discrepancy between the high profile examples of how a lack of encryption can be damaging and the number of businesses and public sector organisations who have actually taken heed of the warnings repeated over the years. He pointed to the data loss suffered by HMRC in 2007 as a case that should have inspired greater investment in encryption, but, as the figures show, has not.

Mr Lowe believes that many IT workers are concerned about the ongoing consumerisation of corporate systems which is progressing at a pace that leaves many exposed following an influx of unsecured personal smartphones and laptops. He thinks an increase in training as well as alterations to policy will allow businesses to tackle these issues and prevent data loss in the future.

Data leak costs Swiss bank £6.23 million

A data leak error by Swiss bank UBS is alleged to have cost the organisation £6.23 million, the equivalent of $10 million, according to a report in The Telegraph.

The error occurred when an employee accidentally emailed details relating to the flotation of American car manufacturer General Motors (GM) to a list of over 100 recipients. GM made news of the leak public after it alerted the Securities and Exchange Commission in the US.

The mistake by a UBS worker has led to the firm being ditched by client GM after it had initially proposed to involve the bank in a deal that could have been worth millions.

GM said in a statement that the data contained in the leaked email, was not representative of opinions within the motor firm and claimed that share holders would be within their rights to make claims for reparations, if UBS was retained as the underwriter in the forging of a major business deal.

Check Point security expert Nick Lowe told SC Magazine, that this type of error was easy to understand and something with which many people could sympathise. When using email, clients selecting the wrong contact list and then hitting send occurs all too frequently, according to Mr Lowe.

He pointed out that data loss can easily occur within relatively secure business systems if accidental leakages occur via email in this manner and said that it was difficult to prevent this type of loss, with businesses required to plan for the aftermath as a precautionary measure.

Mr Lowe said that the best way to stop employees accidentally leaking data in this manner is to prompt them to check that their email has appropriate content and is being sent to the appropriate recipients before it is lost in the ether.

Whether or not the bank will face regulatory action as a result of this incident is unclear, but the damage to its reputation and the loss of a major client should be significant punishment and a lesson to other businesses about the potential for disaster.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal