Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Free Guide Available To Best Practice Data Security

Network Box : 21 May, 2010  (New Product)
Network Box has made a free guide available for the business community to enable them to implement best practices in IT security
A new guide for businesses on how to secure data is available from managed security company, Network Box. The guide is designed to give guidance to companies on best security practice to avoid a security breach; and is available free from Network Box's website.

From April 2010, the Information Commissioner's Office in the UK has greater powers to enforce data security regulations (including the power to fine companies up to £500,000 for the most serious breaches), and this has made good security even more important for businesses.

Organisations keep more data, and for longer, than ever before. Much of this data - customer records, financial information or personal identity details - has a value to cyber-criminals, and any organisation that holds sensitive data could be targeted by a hacker. Whether it's stealing an identity, launching a phishing campaign, or cloning credit card information, consumer data has intrinsic value to cyber-criminals, so must be kept secure.

The Network Box Guide to Compliant Security in the UK includes opinion from James Pickering, a commercial litigation barrister, on interpreting the data protection laws (but it is not designed to give or replace legal advice to companies on compliance). Pickering's full opinion on the legal aspects of compliance can be read here.

The guide includes advice on best security practice, such as:

• Avoiding or minimising the risk of human error (the cause of most data breaches), from phishing attacks to leaving an unprotected laptop on a train
• Planning for a security breach, such as system redundancy; and a breach notification plan (voluntary at the moment, but likely to become mandatory within the next two years)
• Reviewing third party suppliers that host data, such as CRM systems or financial systems providers (including web or mobile payment providers); and ensure that they are PCI DSS compliant
• Encrypting data and using strong password authentication, particularly for mobile devices, laptops and data sticks
• Checking all data that leaves the building (via any channel, including IM), as well as data that enters it, to prevent unauthorised transfer of data
• Securing more than just email. 2009 saw a clear move by cyber-criminals towards focusing on exploiting vulnerabilities in applications, web browsers and servers, rather than just mailing executable code
• Reviewing all applications and systems across the organisation regularly, to check for vulnerabilities; and setting clear user rights (see Network Box's guide to monitoring applications)
• Ensuring that all data is routed through the appropriate channels and doesn't bypass security systems (for more information, see Network Box's guide to routing)
• Educating employees on their role in keeping the organisation secure; and limit access rights to certain applications or platforms
• Using secure VPNs, so data doesn't have to be moved, on, for example, a laptop or memory stick; and ensure that home or remote workers have the same levels of security as the rest of the organisation (see Network Box's guide to remote working for more information)
• Preventing employees from downloading anything that isn't approved by the security team, such as peer to peer software, that might leave a 'back door' open into the organisation.

Simon Heron, Internet Security Analyst for Network Box says: "There's a lot of confusion among companies about what they should do to be secure. At InfoSec this year we heard a number of companies who are concerned, but who are unsure what to do. We hope this guide will help organisations put in place security measures to avoid a security breach. The cost of cleaning up after data breach - both financial and in reputation terms - can be enormous."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo