Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

FutureSoft warns of increasing penalties to organizations for data breaches

FutureSoft : 02 June, 2009  (Technical Article)
In light of the recent UK Information Commissioner report and continued high profile public sector data breaches, FutureSoft advises updating policies to prevent costly penalties in the future
Recent data losses by councils, the MoD and NHS, as well as a forceful policy lead from the Information Commissioner, has lead FutureSoft, a developer of information security and connectivity solutions, to advise public and private organisations to tighten up data security policies or face increasing penalties. Outgoing Information Commissioner, Richard Thomas, has recently endorsed calls for a re-write of the EU data protection directive following the publication of a critical report by the RAND institute, commissioned by the ICO last year.

With more and more data being stored by organisations and transferred by removable media, including the NHS, which is now storing patient records electronically, organisations need to address their security policies to safeguard the data that they hold to protect personal data, as well as avoiding penalties and distrust. The regulator, soon to acquire new powers, is becoming more active and willing to exploit regulatory authority to the full, in pursuit of explicit policy objectives.

"Any data handler that loses sensitive personal data, having failed to take reasonable precautions, will face civil monetary penalties under forthcoming legislation", explained Tim Farrell, CEO and co-founder of FutureSoft. "Following revelations of the loss of sensitive data by the MoD and NHS over the past month, the public and private sector must realise that unless they address the security of endpoint devices they'll lose out. Data controllers failing to protect sensitive data face reputational damage, commercial losses and a regulator who can, and increasingly will, make them pay."

Whilst advocating the retention of basic data protection principles, Information Commissioner Richard Thomas explicitly criticised the current Directive which underpins the UK's Data Protection Act as 'showing its age', arguing that 'laws must concentrate on the real risks that people face in the modern world'. The report furthermore advocates a rewrite of sanctions based on the damage caused by breaches and called for monetary penalties to provide a compensation fund to victims of data loss. This is in addition to existing powers to prosecute and those it is set to acquire to levy civil penalties under the new s.55A of the Data Protection Act. It wants sanctions to be proportionate to the harm caused by a data breaches.

"Monetary sanctions are here to stay. The regulator wants more powers to enforce and punish and has signalled its increased willingness to hold 'businesses and governments accountable if things go wrong'," concludes Farrell. "It is vital to protect not just information assets but those who are harmed by the loss of data. Recent data breaches, in the NHS for example, have been caused by the roll-out of poor security policies. The message is clear: both in the short and the long term, organisations have got to step up to the challenge of a stronger Data Protection regime or else pay the price."

To help address these problems, IT managers need to consider powerful security solutions such as FutureSoft's DynaComm PointGuard, which provides a full 360-degree view of a corporation's network and endpoint security. The solution also provides centralised, simple-to-manage anti-spyware and anti-virus solutions and its granularity enables IT managers to control access to files, applications and removable devices without harming business flexibility.

"PointGuard truly provides a comprehensive, 360-degree view of a corporation's system network and endpoint security," concludes Farrell. "Organisations of all kinds, from governmental bodies down to doctor's offices can maintain total visibility across their network, ensuring corporate assets are protected and that managers and administrators have a clear view of security issues."

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo