Monthly: June 2010 edition
Section: Banking IT
Title: Data security – on the agenda of senior management?
Article: Data security is, or should be, on the agenda of senior management, as the protection and privacy of data are ultimately their responsibility. This is so not only because data has acquired a monetary value for certain employees.

During the current recessionary climate, many employees feel stressed and uncertain about their futures. Every week fresh announcements are made of job losses across industries. Financial pressures continue to mount for individuals. So it is unsurprising, perhaps, that some employees are likely to be tempted, in these uncertain times, to act against the interests of their employer as they try to shore up their own financial position. There is a danger that they will see an opportunity to exploit the valuable and potentially sensitive data that your business holds - either by selling it or taking it to your competitors, or else using it to set themselves up in a rival business.

In many cases, senior management's assessment of its own organization's vulnerability to such misconduct lags behind reality. Measures against potential information theft are not carried out actively and effectively. Cases of data theft have risen year on year at the European level. Employers seek investigation and legal redress to protect their business interests. In the current economic climate, the number of such incidents is almost certain to increase further. While most thefts are carried out by individuals, teams of employees are also working against their employers. The aim is either to set up their own business or to join an existing competitor. In many cases employees have already left their employer before the thefts are discovered. The conclusion is that those companies are not doing enough to detect and prevent information theft in a timely fashion.

So, what sort of information is being stolen? Research shows that the most commonly stolen data is customer or client-related (dealing with customer relationships, levels of trading, pricing information, profit levels and so on) or customer lists. Only a minority of thefts consisted of financial information (such as internal accounts, business plans, projections and forecasts).

The most common methods by which disloyal employees transfer stolen proprietary data are email and hard-copy printouts. According to the KPMG Data Loss Barometer, USB memory sticks, data CDs or DVDs are used in only a minority of cases, despite their low cost, relative ease of use, and (especially in the case of USB sticks) conveniently small size. The misuse of newer technologies is likely to become more prevalent from now on, since data can also easily be stolen using smartphones, MP3 players, digital cameras and other types of digital media. Such data leakage, and the ease with which data can be stolen, is therefore clear evidence that too many companies are not doing enough to detect and prevent information theft in a timely fashion.

To be frank, even if a company has introduced sophisticated data security controls, data could still be stolen. Where data theft is discovered or suspected, an immediate and decisive response is essential to recover stolen data before its release can cause damage to the company. To summarize: data theft by employees is a genuine threat to organizations, particularly in the current economic climate. In the future, there is likely to be an ever-rising trend of employees attempting to steal confidential data for their personal benefit when leaving their current employment.

It is possible for businesses to take effective action against such conduct, both in response to actual and attempted thefts of data, and to minimize the likelihood of data being stolen in the first place. Effective data protection policies, and the creation of a climate in which everyone recognizes the value of, and need for, integrity in the handling of sensitive commercial data, are vital if such thefts are to be prevented.

By Michael Hofmann (Partner) and Thomas Thiel (Senior Manager), with material from KPMG International. Please refer also to www.datalossbarometer.com
