Armour Comms launches first secure Voice over IP... » London: Armour Communications has announced its integration with Skype for Business. Armour Mobile i... Anam Technologies selected by Deutsche Telekom a... » DUBLIN, BONN:  Anam Technologies has gone into partnership with Deutsche Telekom International Carri... 6.7 percent of programmes on private UK PCs are en... » Maidenhead, U.K: The average private user in the UK has 72 programmes installed on their PC, and 6.7... Multitone’s EkoSecure Personal Alert System chos... » Multitone Electronics plc has announced that its German-based team, Multiton Elektronik GmbH, has su... IoT 2020: Smart and secure IoT platform » Geneva, Switzerland: The Internet of Things (IoT) significantly impacts the global economy and is ex... Letterbox company to keep properties safe with inn... » A specialist mailbox manufacturer has made a pledge to enhance the security of UK properties through... MDS expands portfolio of cost analytics solution... » Warrington, UK: MDS has announced the launch of a suite of cost efficiency analytic solutions design... Post-Truth, Post-West, Post-Order? » Munich Security Report 2017 With Foreword By Ambassador Wolfgang Ischinger, Chairman of the Munich ... NuData Security comments on fraud costing the UK £... » Crowe Clark Whitehill has just released its Financial Cost of Fraud report  which states that fraud ... Edesix selected as body worn camera provider for U... » Edinburgh-based Edesix Ltd. has been selected as the Body Worn Camera provider of choice for Her Maj...

CLICK HERE TO

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Case Studies

Only 18% of British office workers, who use a personal account/device to access work files or emails, say that data is always encrypted by their employer

Better education is still needed to improve personal IT habits

LONDON, UK: A new online survey just released by WinMagic Inc. and conducted by YouGov, has highlighted the risks to corporate data from poor encryption, and employee use of unauthorised and inadequately protected devices. The survey of British office workers found that 42% use devices not provided by their employer to work with corporate e-mails and files. Half (52%) also use personal online accounts, such as Enterprise File Sharing Services (EFSS) to store or access work files – with only 34% saying they have never done so.

Office workers claim to use a wide range of personal devices to store or access work files and systems including laptops (30%), smartphones (22%) and USB Storage devices (17%). The top three personal online accounts used by office workers to store and access work files are Hotmail (14%), Gmail (13%) and Dropbox (10%).

Yet these personal devices often lack the same level of security that an enterprise would employ, putting corporate data at risk. For example, only 52% of respondents protect all their devices with up to date security software. Although it is the employee’s responsibility to protect personal devices, employers need to do more to control and protect the way in which corporate data is moved. Otherwise, data leaves the organisation without the correct security controls in place – ultimately it should always be under the protection of the organisation, even when it exits the firewall.

Corporate data unprotected in the wild

Only 18% of office workers surveyed said their employer always encrypted the files accessed through personal devices or stored on personal online accounts. Working on data remotely helps employees be flexible and productive, however, one of the most common ways for data breaches to occur is through the loss of a device. An unprotected device, with unencrypted corporate data may include credit card, medical, or other personal customer data, as well sensitive corporate data and systems, open to use by unauthorised individuals. Such losses and limited protection, can lead to identity fraud and a company failing to meet the standards expected by regulators, such as the Information Commissioner’s Office (ICO). The EU General Data Protection Regulation (EU GDPR), will apply to UK companies from 2018 that are ‘controllers’ or ‘processors’ of European personal data, regardless of the UK decision to leave the European Union. There are stringent rules on the management of personal data, and hefty fines for failures that lead to a breach, accidental or otherwise. Personal data will include identifiers such as an account numbers and even IP addresses.

Mark Hickman, Chief Operating officer at WinMagic, commented: “IT departments need to consider carefully how they strike the balance between giving employees the flexibility they need, and ensuring the security of corporate data. Achieving that requires a combination of software and employee education, to help improve personal IT habits that are out of control of the workplace. This is one of many areas where encryption can play a key role, protecting data stored in the cloud and on remote devices, on personal as well as corporate accounts. Encryption remains the last line of defence, when an online account is breached or a device lost.”

Passwords still a risk

Recently publicised data breaches are just a few of the examples that have led to millions of usernames and passwords getting into the hacking community. With, 26% of office workers admitting they use the same password for some of their work account and personal online accounts, hackers are gaining direct access to both employer and personal accounts. 5% stated they use the same passwords for all work and personal accounts.

Despite admitting the failings of their home security habits, 20% of office workers stated their company allows the use of personal online accounts and devices to access work files, if employees have adequate security software installed. A further 35% confessed that they should not use personal accounts and hardware at all according to their company policy.

Hickman continued, “Employees are simply trying to get their job done as efficiently as they can, but are often unaware of the risks they could be exposing their employer to. With effective device and encryption management strategies, IT departments can provide transparent and frictionless protection to data, without hampering the productivity of the workforce.”