SMEs ‘can improve data security in small steps’

Published on 26 June 2012.

Businesses need to make small changes to improve their data security, it has been said.

Small and medium-sized enterprises (SMEs) have been advised that they can improve their data security by making a few changes.

Managing director of Encription.co.uk Tony McDowell suggested companies undergo security training, as this will give them a broader understanding of the risks to their sensitive data.

He also stated that passwords are essential. “If there’s an eight-character password, which has uppercase, lowercase, special characters and numbers – it would take us 64 years to crack it,” Mr McDowell said.

It was added that SMEs should not be complacent if they have anti-virus protection, as this only accounts for a small part of data protection.

“There’s no silver bullet to IT security,” Mr McDowell added. Therefore, he went on to say businesses need a number of IT safety devices to ensure their information is not at risk of being leaked.

This comes after BDO Consulting recently revealed that 71 per cent of firms consider data security and technology breaches to be serious risk factors this year, a rise from 44 per cent in 2010.

Posted by James Rendell

BYOD devices ’cause for concern for data security’

Published on 24 June 2012.

Bring your own device (BYOD) policies could breach data security regulations for businesses.

Companies considering allowing employees to use their personal laptops, tablets or smartphones at work have been warned that this may breach their data security strategies.

Phil Gillard, general manager at SolutionsPT.com, said bring your own device (BYOD) policies in workplaces have many advantages for businesses. However, he noted that one of their disadvantages is they risk sensitive information being leaked.

He went on to tell companies that there is security software available that can help overcome these issues.

“[This] allows you to wipe all the data off a particular iPad or Android device in the event that it’s stolen – or when people enter the wrong password five or six times,” Mr Gillard stated.

His comments follow those of Alex Rabbetts, managing director of Migration Solutions, who recently noted that businesses are increasingly reliant on electronic equipment to store accounts and payroll information, HR details and ongoing projects. Therefore, having a security system on these devices is crucial to keep this data safe.

Posted by James Rendell

Ireland succeeds in WEEE recycling initiatives

Published on 23 June 2012.

Ireland has nearly doubled waste electrical and electronic equipment targets for the EU.

Ireland is doing well in recycling waste electrical and electronic equipment (WEEE), a report has found.

WEEE Ireland has revealed that the nation collected 445 tonnes of batteries in 2011, which exceeds EU targets, according to the Journal.

The report also showed that every person in the country recycled 7.88 kg of electronic goods on average in 2011, which amounts to nearly 11 million items in total.

EU targets for recycling WEEE products is 4 kg, showing that Ireland nearly doubled these goals, the newspaper revealed.

The chief executive officer for WEEE Ireland Leo Donovan said, while the achievements last year were good, “2011 was a very challenging year for our industry”.

He noted that one of obstacles was the rise in leakage of WEEE, adding “this illegal activity is one of the biggest challenges the industry faces”.

Earlier this year, the Information Commissioner’s Office advised businesses to dispose of their WEEE in a proper manner to ensure they do not throw away hard drives that contain sensitive data.

Posted by Otto Greenberg

Angus Council encourages residents to recycle electronic items

Published on 22 June 2012.

Waste electrical and electronic equipment (WEEE) recycling is being promoted in Angus.

Angus Council is trying to raise awareness of recycling waste electrical and electronic equipment (WEEE) so residents cut down on their rubbish.

It has launched the initiative as part of Recycling Week, which began on Monday (June 18th).

The local authority has teamed with electrical equipment producer Repic to handle the waste, which includes household items such as toasters, hairdryers and kettles.

Convener of Neighbourhood Services at Angus Council Donald Morrison said there are 173 million new electrical items bought every year in the nation, with many of these being discarded once they no longer work or are replaced.

“I would urge Angus residents to dig deep into their lofts, cupboards and basements for all those unwanted and broken small electrical items and recycle them,” he stated.

Angus Council officers will be joined by a representative from Repic at recycling centres throughout the week in an attempt to raise awareness of how to handle WEEE items.

This comes after Richard Costin, managing director of procurement company Banner Business Services, recently advised businesses to be careful they are meeting regulations when recycling their WEEE items. He added that it is important they protect their data security and properly dispose of sensitive information.

Posted by Salma Davidson

NHS trust fined for data protection breach

Published on 6 June 2012.

The Brighton and Sussex University Hospitals NHS Trust has been fined by the Information Commissioner’s Office.

The Information Commissioner’s Office (ICO) has issued a £325,000 fine to the Brighton and Sussex University Hospitals NHS Trust following a serious breach of the Data Protection Act.

The organisation failed to carry out the correct data destruction procedures when selling hard drives on an internet auction site, leading to sensitive personal data belonging to thousands of patients and staff being inadvertently made public.

Some of the information related to HIV and genito-urinary medicine patients, the ICO revealed.

Deputy commissioner and director of data protection David Smith said the scale of the fine reflects the seriousness of the organisation’s error in accidently making this information public.

“It sets an example for all organisations – both public and private – of the importance of keeping personal information secure,” he suggested.

Mr Smith added that the trust has “failed significantly” in its duty of protection to patients and staff.

The Aneurin Bevan Health Board recently became the first NHS organisation to be fined by the ICO.

Posted by James Rendell

ICO to provide anonymisation advice

Published on 5 June 2012.

The Information Commissioner’s Office has launched a consultation on anonymisation.

The Information Commissioner’s Officer (ICO) has announced plans to launch a public consultation on the anonymisation of data, a security measure that converts personal information into a form which prevents individuals mentioned from being identified.

This could help companies which process this kind of information with their data security processes, making it harder for criminals to steal sensitive files from organisations.

Information commissioner Christopher Graham said the fact that increasing amounts of data is entering the public domain makes considering measures such as these necessary.

“Anonymisation can allow organisations to publish or share useful information derived from personal data, whilst protecting the privacy rights of individuals,” said Mr Graham.

He added that organisations need to take into account the risks and benefits of anonymisation to their data security policies before making a decision.

The process has been criticised by certain pundits in the past, with IBM Systems Magazine suggesting “rich data sets” can pose a problem when being published.

Posted by Christy Gallant

WEEE ‘is a valuable resource’

Published on 4 June 2012.

Local authorities should know how to deal with WEEE, an expert has claimed.

It is important that waste electrical and electronic equipment (WEEE) is dealt with properly by local authorities, an expert has suggested.

This is because it can be a valuable resource which can often be re-used and benefit the UK economy in a variety of ways, according to EnviroCon chief executive officer Sean Feeney.

Writing in Waste Management World, the expert suggested that it is important local authorities come to terms with regulations as legislation becomes stricter and electronic items become more common and complicated.

“Local authorities need to be more challenging of their contracted compliance schemes to ensure they work in closer partnership with all aspects of the supply chain,” added Mr Feeney.

It is important third parties such as small charities are also aware of the necessity of compliance, he concluded.

A recent survey from Devoteam found that only 44 per cent of small-to-medium enterprises have green IT policies in place.

Posted by Otto Greenberg

American Express stresses importance of data

Published on 3 June 2012.

It is important companies store as much data on customers as possible, American Express has claimed.

Collecting as much customer data as possible is the best way for businesses to thrive over the coming years, according to American Express.

Much of the necessary information is currently remaining uncollected because of data security concerns, indicating the importance of a solid safety process in helping companies progress.

American Express group president Dan Schulman told delegates at the Open Mobile Summit event in London that data remains the “holy grail of digital commerce”, reports V3.

“We’re battling over security and privacy issues. It’s a thorny journey,” he added.

Currently, there is a great deal of public concern over giving up personal information because many people are uncertain that it will be stored or disposed of safely.

Chester Wisniewski, a senior security adviser at Sophos, recently told PC Advisor companies should not hoard data unless they are certain they can store it securely, as this puts them at the risk of some kind of security breach.

Posted by Clive Notting