This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Corporate data loss seen to be a collective responsibility

Share this article:
Corporate data loss seen to be a collective responsibility
Corporate data loss seen to be a collective responsibility

Three-quarters of respondents to a recent poll believe that data loss is a collective responsibility.

According to the poll on a recent SC Magazine webcast, 76 per cent of respondents believe that data loss is a collective responsibility, while 12 per cent blamed management and 12 per cent the individual ‘who sent it'.

Commenting, Tim Burnett, information security manager at Atos, said that there is a whole range of issues, as "every excuse under the sun will be made if you have a breach".

Speaking from Atos' own experience, he said that a memory stick with encrypted data was lost when a sensitive customer project was being worked on, and that hit the news and it had to take responsibility to make sure it was not using such USB sticks anymore.

He said: “So the first thing is putting the policy in place that says ‘USB sticks should not be removed from the room', and that was broken, and that all data on a USB stick should be encrypted and some was and some was not.

“If you don't have a structure in place that is consistent across the entire company, then you end up with a problem with people moving jobs and departments and don't understand the situation, so we had to put in place a blanket ban on USB sticks.

“We only allow the use of hardware encrypted USB sticks and they must be company-approved so we have a limited number of devices so we have reduced the number and we have strict controls on them.”

Speaking on the poll results, Burnett said that you can start with a policy that says ‘this is how you must or must not do data sharing' and admitted that it takes time to get there. “If it is a collective responsibility you have to have the company policies in place and they have to be clearly defined and understood by the employees,” he said.

“If the IT technology is there then why not use it? Ultimately employees are responsible for their own actions.”

Jeff Whitney, vice president of global marketing at Ipswitch File Transfer, said that it was interesting to see the numbers on breaches; following an SC Magazine and Ipswitch survey of information security professionals found that 99 per cent of respondents said it was ‘important' that their organisation offered secure file sharing.

Whitney said that there was plenty of ‘blame and pain' going on across the board, and accountability is a challenge.

“They'll say ‘everyone does the same thing, so how can you hold me accountable when it is an unauthorised company approach'," he said.

“IT of course gets held accountable, and they have to talk to the managing director about why this happened, and the managing director has to go to the board and has to explain that, so it is a very uncomfortable situation that overall people want to avoid for so many different reasons.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Turn off WPS on routers for WiFi security

Turn off WPS on routers for WiFi security ...

A Swiss researcher is advocating turning off WPS to secure routers after finding a flaw that eliminates the randomness of codes generated by some routers when WPS is switched on...

Apple's iCloud hacked, nude celeb photos posted

Apple's iCloud hacked, nude celeb photos posted

Questions have been raised about the security of Apple's iCloud service, after a hacker posted nude pictures of celebrities to the 4Chan forum, claiming they were obtained after a hack ...