Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

T-Mobile breach demonstrates ease of data theft

Redstone Managed Solutions : 20 November, 2009  (Technical Article)
Martin Blackhurst of Redstone Managed Solutions comments on the data loss reported from T-Mobile and how company staff can pose a significant threat
The T-Mobile customer data breach shows that, sadly, a company's own staff can be 'the enemy within' and pose more of a threat than criminals breaking in from outside.

The human factor in data leakage is not new, but that does not make it any less important. Employees and hackers have been walking out (literally and virtually) with company data for years. The only difference is that now more systems are online, visible and more readily available to employees. Sending data via e-mail or copying to USB devices is clearly much easier and quicker than walking out with half a filing cabinet under your arm.

To counteract this, technology can be used to 'tag' files or their locations. Policy can be applied based on the tagged items to prevent e-mailing, printing, copy and pasting etc. But technology can only go so far if a company has not taken a strategic approach to recruiting staff and assigning levels of clearance - for example, running a check on a potential employee's background or deciding whether or not certain data should be open to being printed or saved on a removable device.

With remote working becoming more common, data is nearly always held on end devices such as memory sticks and CDs. This makes encryption an absolutely key part of a company's security policy. An additional step is to put constraints on the type of USB device to narrow down the possibility of data being moved onto other devices eg, ipods.

The more a company manages potential the risk of data theft or loss up front, the more it will ultimately save time and effort. An uncoordinated approach will generally be ineffective, leading to poor protection and wasted time.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo