Response to the introduction of £500,000 fines by the Information Commissioner's Office is positive, however firms need to take action on network and employee security

News by Dan Raywood

Following the introduction of fines of up to £500,000 by the Information Commissioner's Office (ICO), claims have been made that a penalty could drag a company under.

Following the introduction of fines of up to £500,000 by the Information Commissioner's Office (ICO), claims have been made that a penalty could drag a company under.

Dave Everitt, general manager of EMEA at Absolute Software, said that the fines have the potential to make a serious dent in company finances, and yet 45 per cent of IT directors are not aware that they have come into force.

He said: “After a run of high-profile data losses in the press, consumers have got to be able to feel they can trust businesses and public organisations with their personal details. How many more cases of lost laptops and vulnerable data will we see before organisations realise they have to do more to reassure the public?

“The ICO is absolutely right in implementing these fines, but it also needs to better educate businesses so they understand they can take action to stop data loss. It doesn't have to be a case of just hoping it doesn't happen, businesses need to be more aware of who and what is available to help them avoid the fines. Burying their collective head in the sand simply won't help.”

Commenting was Sean Glynn, product manager at Credant Technologies, who claimed that in a week that has seen two councils leak data and the ICO slamming a further three councils for failing to protect its data, this is a sign that it is ramping up its investigations and rulings.

He said: “With the new penalties kicking in this week onwards for breaches of the Data Protection Act in the UK and others being introduced recently in the US such as the Massachusetts State Data Breach Law - IT managers need to understand that, without a multi-layered approach to security - underpinned by effective encryption technologies - data leaks like those of the last week will go on taking place.

“This is an issue that doesn't just affect public sector IT managers alone. Their counterparts in the private sector also need to wake up and smell the coffee as well.

“It's now crystal clear that, if IT managers don't get their act together in short order, there could be some hefty fines and even more embarrassing public enforcement notices being dished out.”

In agreement was Peter Bauer, CEO of Mimecast, who said that the fines are a clear sign that data protection must now be a top priority for an organisation.

He said: “In today's knowledge economy, corporate data is more valuable than ever and organisations need to recognise the responsibility that they have to ensure that the data within their network is secured at all times.

“While this report is a step in the right direction, too many organisations have inadequate systems in place to secure their data. Ninety four per cent of organisations have no solution in place at all to prevent data leaks through email. With a vast array of contractual information, customer data and intellectual property all contained within the average employee's inbox, this represents a huge risk to both businesses and public sector bodies.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews