|Friday 22 November 2019|
Home | About Us | Prefix Blog
December - 2006 November - 2006 August - 2007 February - 2007 July - 2007 June - 2007 March - 2007 May - 2007 November - 2007 September - 2007 Show All
Future's not so bright for Orange customers - from Computeractive
Is our data safe from employees?
The BBC on "surveillance society"
Welcome to the Prefix Blog
24-November-2006 Future's not so bright for Orange customers - from Computeractive
Security blunder leads to ID theft fear
The public are being told that companies with poor security policies could cause them to be victims of identity theft, after an undercover report from Channel 4 revealed security at mobile phone firm Orange had been breached.
The report found that at one call centre, staff with access to customer information such as bank details, addresses and dates of birth, were told to share the same computer log-ins and passwords.
This has lead to a fear that without the correct methods to trace people logging in, such sensitive banking information could be used to commit ID fraud. This concern is also shared by the Information Commissioner’s Office, which has confirmed that carelessness with personal information can lead to identity fraud and information falling into the wrong hands.
In a prepared statement, a spokesperson for the ICO said: “The shared use of passwords and log-in details is clearly wholly unacceptable. Sharing information in this manner could result in security breaches."
Despite this warning it seems that many businesses are still breaking the law when it comes to sensitive public information, warns Graeme Pitts-Drake, CEO at Prefix IT.
“As an organisation we see lots of companies with a lax attitude towards ID theft,” he said.
"This ranges from the private to the public sector. Although companies should have rules and procedures in place that dictates their standing with sharing and stealing personal information many have not bothered.”
Independent research by the company backs this view, with 73 per cent of workers unaware of any special security measures to prevent workplace theft.
“Without businesses pulling their weight the responsibility lies with the public. If you are at work and see someone downloading onto a USB or other memory capturing device, do not be afraid to report it,” added Pitts-Drake.
Orange was challenged over how it protects details on its 14.5 million customers after a former employee told Channel 4 that at one call centre staff with access to them share the same computer log-ins and passwords.
When contacted, Orange refused to comment.
It is currently being investigated by the ICO, which has contacted the company today for further information and to discuss what procedures are in place to protect customers’ information.
The ICO has promised to continue to pursue this with Orange to ensure that adequate safeguards are adopted to properly protect personal information.
23-November-2006 Is our data safe from employees?
I just wonder how many CEOs out there are faced with data and ID theft from within the organisation - and how many actually care! Recent independent research should instill fear into every board director of UK plc whether they be MD, Sales Director, HR of Finance.The problem is that they are generally ignorant of the fact that their data is literally "walking out of the door" on USB flash drives, iPods, MP3 players and digital cameras! In the research only 7% said that they had experience data theft which proves that it goes on largely undetected within all organisations.According to this research 35% of employees would be willing to download business critical data to a storage device connected to the end point (the PC) which rises to 65% upon leaving an organisation and with 87% of employees owning a device to download it to - they have the means to do it.What's more it's very easy to do - 10Mb of data can be downloaded in 10 seconds to a USB device that costs less than £10! For the unitiated - 10mb is around 20,000 personnel or customer records!What shocked me about the research was the blasé attitude from employees when deciding what they felt was theirs by right. 30% of workers agreed that sales leads and business contacts were rightfully their property and so didn't see taking them as stealing!With ID theft now hailed as the fastest growing crime in the UK today, organisations have the moral and legal obligation to protect our data from theft yet many don't see it as a priority.Oh well, I guess this is remininescent of the days when organisations eventually had to install firewalls to protect the perimeter from external attacks - I wonder just how many companies actually did get attacked and then decided to install protection (horse, stable door and bolted seem to spring to mind here!).Yesterday's firewall issues are today's end point issues and the sooner board directors see this as a priority, the sooner both they and us will be protected against exposure to unscrupulous individuals who see data theft as an easy road to riches.Employers who continue to trust their staff blindly without relying on robust security measures are just asking for trouble.
23-November-2006 The BBC on "surveillance society"
Today’s news that Britain is the ‘surveillance capital of the world’ (ref. BBC) should give us all pause for thought both as individuals and IT professionals. The increase in data collection on individuals, whether through loyalty cards, payroll and bank details, or mobile phone accounts is not being matched by any discernible improvement in attitudes towards data theft or preventative processes. In addition all this leads to increase ID theft which, as we know, is the fastest growing white collar crime in the UK todayAccording to independent research commissioned by Prefix IT, data is pouring out of organisations both large and small, public and private - not only much publicised call centres. Added to this policies are patchy and ill-communicated and data thieves are everywhere. In fact, you may be one yourself, apparently 65% of us are. But frighteningly, 30% of managers say that ‘preventing data theft is not even on the radar’.Smart technology is part of the answer, but it can’t save the day until attitudes change, those of data thieves and those of data guardians.
22-November-2006 Welcome to the Prefix Blog
We welcome you to our new blog.
In the future, we will add to this to provide useful information, thoughts and help.
Contact us at info@prefixIT.com if you would like us to cover any topics within this blog in the future.
Please visit us here again soon.