This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Corporate data loss seen to be a collective responsibility

Share this article:
Corporate data loss seen to be a collective responsibility
Corporate data loss seen to be a collective responsibility

Three-quarters of respondents to a recent poll believe that data loss is a collective responsibility.

According to the poll on a recent SC Magazine webcast, 76 per cent of respondents believe that data loss is a collective responsibility, while 12 per cent blamed management and 12 per cent the individual ‘who sent it'.

Commenting, Tim Burnett, information security manager at Atos, said that there is a whole range of issues, as "every excuse under the sun will be made if you have a breach".

Speaking from Atos' own experience, he said that a memory stick with encrypted data was lost when a sensitive customer project was being worked on, and that hit the news and it had to take responsibility to make sure it was not using such USB sticks anymore.

He said: “So the first thing is putting the policy in place that says ‘USB sticks should not be removed from the room', and that was broken, and that all data on a USB stick should be encrypted and some was and some was not.

“If you don't have a structure in place that is consistent across the entire company, then you end up with a problem with people moving jobs and departments and don't understand the situation, so we had to put in place a blanket ban on USB sticks.

“We only allow the use of hardware encrypted USB sticks and they must be company-approved so we have a limited number of devices so we have reduced the number and we have strict controls on them.”

Speaking on the poll results, Burnett said that you can start with a policy that says ‘this is how you must or must not do data sharing' and admitted that it takes time to get there. “If it is a collective responsibility you have to have the company policies in place and they have to be clearly defined and understood by the employees,” he said.

“If the IT technology is there then why not use it? Ultimately employees are responsible for their own actions.”

Jeff Whitney, vice president of global marketing at Ipswitch File Transfer, said that it was interesting to see the numbers on breaches; following an SC Magazine and Ipswitch survey of information security professionals found that 99 per cent of respondents said it was ‘important' that their organisation offered secure file sharing.

Whitney said that there was plenty of ‘blame and pain' going on across the board, and accountability is a challenge.

“They'll say ‘everyone does the same thing, so how can you hold me accountable when it is an unauthorised company approach'," he said.

“IT of course gets held accountable, and they have to talk to the managing director about why this happened, and the managing director has to go to the board and has to explain that, so it is a very uncomfortable situation that overall people want to avoid for so many different reasons.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Samsung Galaxy S5 fingerprint scanner 'easily hacked'

Samsung Galaxy S5 fingerprint scanner 'easily hacked'

Single step authentication on Galaxy leaves PayPal accounts open to abuse say German researchers.

MSWin 8.1 users must update or lose security patches

MSWin 8.1 users must update or lose security ...

Organisations run the risk of being left defenceless against attackers unless they upgrade from MS Win 8.1

Communication gap indentified between IT and management

Communication gap indentified between IT and management

Bad news is filtered out of communicaiton to the C-suite and 63 percent of IT staff only start talking after a breach has taken place.