Wednesday, 18 April 2012

Poor mobile security exposes firms to significant risk


As published on Computer Weekly


UK organisations of all sizes are opening their IT systems to security risks by failing to respond to the trend of employees using their own mobile devices for work, a study has revealed.

Only 39% of large organisations encrypt data downloaded to smartphones and tablets, according to the preliminary findings of the 2012 Information Security Breaches Survey by PricewaterhouseCoopers (PwC) and Infosecurity Europe.

The survey of security professionals at more than 400 organisations found 75% of large organisations and 61% of small businesses allow staff to use smartphones and tablets to connect to their corporate systems.

Yet only 39% of large businesses apply data encryption on the devices. This falls to 24% with SMEs.

A substantial 82% of large organisations and 45% of small businesses reported security breaches caused by staff, while 47% of large organisations and 20% of small businesses said staff lost or leaked confidential information.

The survey shows that personalisation is creating new security threats, from malicious software and data loss. Organisations that allow personally owned devices tend to have weaker controls than those that allow corporate devices only.

Chris Potter, PwC information security partner, said that, with the explosion of new mobile devices and the blurring of lines between work and personal life, organisations are opening their systems up to substantial risk.

"Smartphones and tablet computers are often lost or stolen, with any data on them exposed. Mobile devices can literally drill straight through your security defences, if you’re not careful," he said.

However, the survey shows organisations are not responding to these new challenges. "Just as we saw a decade ago with computer viruses, companies are slow to adjust their controls as technology usage changes," said Potter.

It is vital for organisations to tell their staff about the risks, he said, otherwise employees could inadvertently become a significant security threat.

"It’s clear how important smartphones and tablets have become - as confidential data is increasingly stored on them, the chance of data breaches increases," he said.

Some 54% of small businesses and 38% of large ones do not have any kind of programme for educating their staff about security risks, the survey found. Only 26% of respondents with a security policy believe their staff have a very good understanding of it, while 21% think the level of staff understanding is poor.

Three quarters of organisations whose security policy is poorly understood admitted having staff-related security breaches in the past year.

One in seven organisations that give a high or very high priority to security have not written down their policy; most of these are small businesses that rely on word of mouth instead, but only a third think their staff fully understands it.

Companies that have invested in staff awareness training are reaping the benefits, as they are four times as likely to have staff who clearly understand the security policy, and half as likely to have staff-related security breaches as organisations that don’t train their staff.

Potter said setting out security is essential to ensure staff know what risks to look out for, how to handle data appropriately and what to do if a breach occurs.

"The root cause of security breaches by staff is often a failure by organisations to invest in educating staff about security risks. Yet organisations are failing to promote a culture of security awareness so staff are often unaware of the risks they’re posing," he said.

According to Potter, breaches often occur through ignorance rather than malice. "Having a security policy by itself does not prevent breaches; staff need to understand it and put it into practice," he said.

Full results of the survey will be presented by PwC on 24 April at Infosec Europe 2012 in London.

Thursday, 26 January 2012

Are unapproved devices within your network?


Businesses are allowing unapproved devices to be used within their business as workers increasingly want to use their own computers at work before companies draw up bring-your-own-device (BYOD) policies.

This is diverting attention away from IT projects. A total of 44% of IT managers said that handling issues around staff bringing their own devices was wasting time and reducing the time spent on other IT projects.

According to research commissioned by Cisco and carried out by Redshift Research, 48% of the 1,500 IT managers in Europe and North America surveyed said their businesses would never authorise the use of employees’ own devices. But it also revealed that 57% believed workers are using their own devices without permission.

Furthermore, over half (51%) of those interviewed said that the number of workers bringing their own devices to work was increasing.

The US reported the highest number of businesses where workers were using their own devices without consent, with 63% of IT managers saying this was the case.

Despite the distraction, most CIOs support schemes to allow employees to use their own devices at work, according to the Technology Industry Survey 2012 of 650 IT professionals, conducted by IT recruitment firm Mortimer Spinks and Computer Weekly.

The survey revealed that 60% of CIOs and CTOs think employees owning and operating their own IT equipment would be a good thing for the IT department.

As published by Computer Weekly
--------------------------------------------------------------------------------

UK IT budgets under pressure in 2012


UK IT budgets will remain flat in 2012, a worldwide survey of more than 2,500 IT professionals has revealed.

The Computer Weekly and Tech Target survey, which had responses from more than 200 UK senior IT professionals, showed that IT spending in Europe has been hit harder by the recession than spending in the US and Asia.

In the UK, 50% of IT professionals said their IT spending would either decrease or remain the same in 2012.

Nearly 40% of UK IT professionals said their organisations are recovering slowly from the downturn, and 30% said they are still struggling.

IT investment
Despite the tough economic conditions, some 38% of IT professionals expected their IT budgets to increase in 2012, with 21% expecting an increase of 5% or more.

“I think what you are seeing now is the realisation from some IT departments that they can’t delay spending any more,” said Ovum analyst Roy Illsley, commenting on the research findings.

“Some people have really cut back too far, and others realise if they make investments now, that would make them more agile when the upturn comes,” he added.

IT supports business growth
The focus for 29% of UK IT departments in 2012 will be to expand IT to support the growth of the business, with business analytics featuring strongly in many organisations' plans.

Around a quarter will concentrate their spending in a few key areas of IT, while 19% aim to reduce business costs by automating business processes.

Some 15% of IT departments have the more modest ambition of maintaining their service levels despite a flat budget, while 14% will focus on reducing their IT spending.

As published by Computer Weekly

Monday, 10 October 2011

What is the real cost of a network? Don't be fooled into only looking at the CapEx costs.


When looking to invest in hardware, all too often it is the initial capital expenditure that influences the hardware selection. However, research has shown that this is only a small part of the overall cost of the network.

CapEx accounts for only 28% of the overall cost of the network.
More importantly, other factors need to be taken into consideration:

Labour Costs - this amounts to a staggering 49% of the overall cost of the network
Bandwidth - 14% of the operating costs of the network comes from connectivity costs
Service/Maintenance - accounts for 8% of the operating costs
Energy - with rapidly rising pricing, the current 1% of the running costs could be on the increase

So what do you need to consider when making your hardware selections?

Labour costs are the greatest factor when considering Total Cost of Ownership (TCO) so it is important to consider how you can reduce the labour required to maintain and operate your network.

1) Look for ways in which you can reduce network management - opt for a converged network with data and voice sharing the same platform, reducing administration
2) Opt for hardware that provides scalability, with longer refresh cycles, and choose hardware that provides multiple features, e.g. routing, switching, wireless and security in one box
3) Consider device uptime - high-performing, up-to-date devices should be more reliable and reduce the time required for management and issue resolution
4) Opt for highly secure devices - not only will the risk of data breaches and subsequent time and cost considerations be reduced but less money will be required to maintain and manage them
5) Only consider devices that support centralised management, particularly if you are a multi-site business. Once you are able to centrally control and update devices, you will save an enormous amount of time and effort.
6) Know your network - if you don't know how your network is set up, what devices you have or what software and warranties are in place, you could be looking at a very time-consuming task. Increase your network knowledge by carrying out an audit, or enlist the services of an external IT provider to audit and document your network. Once you know what you are dealing with, you can ensure that your time and money are used wisely.