Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Companies Avoiding Free Security Audits

Randomstorm : 13 July, 2011  (Technical Article)
RandomStorm comments on the refusal of many companies to undergo a free audit from the UK Information Commissioner's Office

A compliance and security management specialist has commented on the Information Commissioner’s findings that just 19 per cent of private businesses contacted by the Information Commissioner’s Office (ICO) accepted a free data protection audit to ensure the confidentiality, integrity and availability of information stored on their IT systems. This finding is in spite of the fact that almost one third of the data breaches reported to the ICO in the last twelve months were suffered by privately held organisations.


Robin Hill, co-founder of RandomStorm, commented, “It’s worrying to see that companies are apparently avoiding security audits. However, the ICO’s report is not surprising. It constantly amazes us how many companies still don’t take simple precautions such as changing manufacturers’ default passwords on devices like routers, servers and modems and updating vulnerable applications as soon as patches are released.  Failure to do this leaves their networks, websites and databases wide open to hackers. Any data controller has to take the view that if they are storing information that could be of interest to competitors or criminals, they a potential target for hackers.  If organisations are concerned about an audit they should think about calling in security experts to test and tighten up their systems before the ICO calls.”


RandomStorm is a government approved CESG CHECK scheme member. CHECK qualified staff undertake vulnerability testing on public sector IT systems that store protectively marked information up to and including “Confidential” information. The company has also been certified as a Qualified Security Assessor by the Payment Card Industry Security Standards Council, enabling RandomStorm personnel to carry out audits to ensure that merchants comply with the Payment Card Industry Data Security Standard (PCI DSS).

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo