This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Corporate data loss seen to be a collective responsibility

Share this article:
Corporate data loss seen to be a collective responsibility
Corporate data loss seen to be a collective responsibility

Three-quarters of respondents to a recent poll believe that data loss is a collective responsibility.

According to the poll on a recent SC Magazine webcast, 76 per cent of respondents believe that data loss is a collective responsibility, while 12 per cent blamed management and 12 per cent the individual ‘who sent it'.

Commenting, Tim Burnett, information security manager at Atos, said that there is a whole range of issues, as "every excuse under the sun will be made if you have a breach".

Speaking from Atos' own experience, he said that a memory stick with encrypted data was lost when a sensitive customer project was being worked on, and that hit the news and it had to take responsibility to make sure it was not using such USB sticks anymore.

He said: “So the first thing is putting the policy in place that says ‘USB sticks should not be removed from the room', and that was broken, and that all data on a USB stick should be encrypted and some was and some was not.

“If you don't have a structure in place that is consistent across the entire company, then you end up with a problem with people moving jobs and departments and don't understand the situation, so we had to put in place a blanket ban on USB sticks.

“We only allow the use of hardware encrypted USB sticks and they must be company-approved so we have a limited number of devices so we have reduced the number and we have strict controls on them.”

Speaking on the poll results, Burnett said that you can start with a policy that says ‘this is how you must or must not do data sharing' and admitted that it takes time to get there. “If it is a collective responsibility you have to have the company policies in place and they have to be clearly defined and understood by the employees,” he said.

“If the IT technology is there then why not use it? Ultimately employees are responsible for their own actions.”

Jeff Whitney, vice president of global marketing at Ipswitch File Transfer, said that it was interesting to see the numbers on breaches; following an SC Magazine and Ipswitch survey of information security professionals found that 99 per cent of respondents said it was ‘important' that their organisation offered secure file sharing.

Whitney said that there was plenty of ‘blame and pain' going on across the board, and accountability is a challenge.

“They'll say ‘everyone does the same thing, so how can you hold me accountable when it is an unauthorised company approach'," he said.

“IT of course gets held accountable, and they have to talk to the managing director about why this happened, and the managing director has to go to the board and has to explain that, so it is a very uncomfortable situation that overall people want to avoid for so many different reasons.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

VC cyber security funding tops £850 million

VC cyber security funding tops £850 million

A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.

Russian/Chinese cyber-security pact raises concerns

Russian/Chinese cyber-security pact raises concerns

News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.

UK police arrest trio over £1.6 million cyber theft from cash machines

UK police arrest trio over £1.6 million cyber ...

London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.