• open panel
  • Home
  • Archive by category 'Data Security'

Archive for ‘Data Security’

Ipswitch Survey Reveals; Damage to Reputation Seen as Biggest Reason to Comply with Data Protection Laws.

Despite 71% believing UK data protection laws should be stronger, 53% still admit to sending sensitive documents by email and  19% have lost critical documents in transit.

A survey by Ipswitch, managed file transfer (MFT) solutions vendor, reveals that fear of reputational damage is the biggest driver for business professionals to comply with data security laws. Yet the majority are still failing to secure the transfer of critical files.

The survey, conducted at the end of April 2014, asked 415 business professionals working across the EU about attitudes, practices and technologies relating to data security and protection. The results also show that the UK is seen as having tighter data protection laws than Germany or France. However, the vast majority think the UK’s data protection laws need to be even stricter.

Key Conclusions:

  • 31 percent of business professionals say that financial censure is the biggest impetus for complying with data protection or staying in line with ICO guidelines, while nearly half (43 percent) cite fear of reputational damage to their brand as the major reason to fall in line
  • The survey also reveals that over half of respondents (53 percent) admit to sending business sensitive documents over unsecured email, while nearly a fifth (19 percent) also admit to losing critical business documents
  • 64 percent of respondents consider the UK to have the tightest data protection laws, 30 percent name Germany as having the strictest laws, while six percent of respondents say that France has the strictest data protection
  • Almost three-quarters (71 percent) of respondents believe UK data protection laws should be stronger to protect businesses and consumers
  • Over a quarter of respondents (27 percent) have never heard of the UK Information Commissioner’s Office (ICO), the public body which reports to UK Parliament and is sponsored by the Ministry of Justice to oversee data protection and privacy
  • More than half (57 percent) agree that the ICO should be more aggressive in its data protection responsibilities

“It is clear that organisations need to take more responsibility for their own file transfer practices.  Our survey reveals that far too many still rely on unsecured procedures for transferring sensitive files to get work done,” said Loic Triger, VP International Sales for Ipswitch. “Businesses need to have systems in place to mitigate security breaches, and rigorously ensure those systems are appropriately used.”

“Enterprises have come to rely on a mix of DIY approaches for file movement, in the absence of well-defined policies and enterprise-supported alternatives. But it is entirely possible to untangle the web of file transfer applications available and talk about best practices to ensure visibility and control in an increasingly regulated market. We urge all organisations to re-evaluate their file transfer methodologies, before they end up paying the price, either in diminished brand reputation, customer losses, or financial penalties.”

“Business simply cannot afford – either in terms of cost or reputation – to deal with the potential fall-out from unsafe business practices such as unsecured file sharing, and they are clearly looking to the ICO to take the lead in implementing further, stricter regulation.”

 

About Ipswitch
Ipswitch helps solve complex IT problems with simple solutions. The company’s software is trusted by millions of people worldwide to transfer files between systems, business partners and customers; and to monitor networks, applications and servers. Ipswitch was founded in 1991 and is based in Lexington, Massachusetts with offices throughout the U.S., Europe and Asia. Pro2col are Ipswitch’s Elite Partner here in the UK, please do not hesitate to get in contact if you require any further information.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

A look back at InfoSecurity Europe 2014

InfoSec was a little different for the team at Pro2col this year.  We decided to take our own stand again, rather than working on a vendors and it certainly paid dividends. Whilst the show was undoubtedly quieter, due to the Tube strikes and poor weather, it would be fair to say that those that were committed enough to come were there for a reason.  We had lots of conversations with interesting companies about their need to move data securely, from geo-physics to exam papers and everything in between.  All in all it was definitely a worthwhile investment!

Email & Sam at InfoSecurity EuropeAt the exhibition we had a competition to win £250 of Virgin Experience Day vouchers, which our lovely models Sam & Emily ran for us. To enter they simply needed to scan the badges, the girls did exceptionally well with over 1,000 entries over the three days.  We’ll be announcing the winner on Friday, 9th May so watch this space.

As per usual with exhibitions we over indulged a little with some of our vendor partners outlasting us til the early hours of the morning.  And it wouldn’t be InfoSec without some Champions League football to take in as well.  We’ll be sad to see Earls Court being redeveloped having attended some ten plus exhibitions there over the years, still I’m told Olympia has been ‘done up’ so I guess we’ll be heading there for InfoSec next year.

Finally I want to thank all of the team that helped with the event, our customers for coming along to speak to us, our vendors for their hospitality and our models for the fab job they did!

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Is PSN approval enough?

Anyone associated with local government right now is aware of the headache of PSN (Public Services Network) approval, the evidence trail, the multiple iterations and the tight timescales. However, with the constant squeeze on local authority budgets and the drive to working with partners to deliver services, is PSN enough? How do you protect the information about a vulnerable child, when sharing it with the school, NHS, Police, private counselling contractor and so on. In a recent survey* 67% of councils stated that they are sharing data with 5 or more partners to deliver the Troubled Families initiative. This number can only increase as other programmes such as the move of children’s public health commissioning to local authorities next year.

Troubled Families

 

One of the issues thrown up by this approach is the ability to share data. Survey respondents raised this as one of their primary concerns: ‘Data Sharing between organisations’; clear and consistent co-ordination and information sharing’; ‘Culture shift from silo working and inconsistent collaboration’. Pro2col already help several councils to address these issues with cost-effective, secure file transfer solutions, including Cambridgeshire County Council.

“Our users and partners are very happy, we have successfully changed our file transfer methods with minimal disruption, we have very robust measures in place to prevent leaked data, and we’ve exceeded all of our objectives for the project.” ALAN SHIELDS. IT Architect Team Manager

If you would like more information on the solution we provided for Cambridgeshire, please download the case study from here.

 

 

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Most UK firms lack data transfer visibility, Ipswitch study shows

In a recent article from Computer Weekly.com, Rich Kennelly, president of Ipswitch’s File Transfer division discussed the key findings of a recent study relating to the visibility of data movement in UK businesses. Needless to say, the stats were concerning to say the least…

Four out of five UK companies have little or no visibility of data movement, a study has revealed.

Half of more than 100 firms polled by Ipswitch File Transfer admitted they have no visibility of files being transferred within and outside their organisation.Magnifying Glass

A further 30% said they have only limited visibility, despite 64% of respondents saying secure file-sharing was vital to the security of the company data.

“A high level of visibility is critical for any organisation that is serious about protecting its most valuable asset – information,” said Rich Kennelly, president of Ipswitch’s File Transfer division.

“The ability to know who is moving data, where, when, how and why across an enterprise, is crucial, not only for data security,” he said.

Kennelly said data management and visibility is also important for streamlined workflows that improve productivity, and meeting compliance requirements.

Regarding who should be blamed if valuable or confidential company data file are sent or shared unsecured, 52% of respondents said it was a collective responsibility.

More than a third said accountability should lie with the employees; 7% said management should be blamed for not having robust policies in place; and just 3% said IT departments were to blame.

“We’re seeing a real shift in attitude, understanding and acceptance of managed file transfer technologies,” said Kennelly.

“Users know that information is at the core of their business and crucial to its existence, competitive advantage and longevity.”

The survey shows there is now greater understanding that efficient data security demands collective responsibility.

However, Kennelly said users cannot play their part unless the business provides easy-to-use, accessible and simple solutions that make their jobs easier.

The survey reveals that moving sensitive information by email is most prevalent, with 44% admitting to sending classified or confidential materials by email at least once a day.

Almost half admitted to using personal email accounts to send company files, with 21% blaming the slowness of work email, difficulties in connecting and limited file sizes.

Some 11% said they used personal email because their company did not monitor what they send and 8% admitted keeping business documents to use at their next place of work.

More than a quarter of respondents admitted using unsecured file-sharing websites and cloud services to share work-related files, while almost two-thirds confess to using USB drives, smartphones, tablets and other personal devices for backing up corporate files.

About Us

Pro2col are a Certified Ipswitch Elite Reseller based in the UK.  Since 2003 we have been helping companies of all shapes and sizes to tackle their data transfer challenges and maximise their investment in secure managed file transfer products.  If you’d like to know more about how to attain full visibility and control over the data moving into, out of and around your business, please don’t hesitate to contact us on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Dropbox Alternative – Day Two at InfoSecurity Europe

With the sun beating down outside you could have been mistaken in thinking the IT community would stay away from Earls Court, but day two of InfoSec was packed.

Pro2col had the pleasure of assisting on the Globalscape stand, on what is traditionally the busiest day. With Chaz and Chris Thacker both providing demos the stand was busy and the message was coming through loud and clear; IT Professionals want a Dropbox Alternative.

A study by security distributor e92plus that I read at the show highlighted that some 76% of IT Professionals in the UK had Dropbox at the top of its list of banned Globalscape and Pro2col at Infosec
technologies. This was very much reflected by the conversations we had and the demonstrations of Globalscape solutions provided.

The most popular solution by far was Mail Express. Visitors loved the web based functionality and MicroSoft Outlook plugin. The Drop Off Portal also proved a big success as IT admins learned how they could provide a hands off facility for large files to come into the business without the need for setting up FTP accounts or clogging up email servers with attachments.

If you’d like to learn more about how Globalscape solutions could help your business Replace Dropbox, contact Globalscape’s UK Master Partner here.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Ipswitch MOVEit Ad Hoc shortlisted for SC Magazine Technology Award

Ipswitch File Transfer MOVEit Ad Hoc has been shortlisted by SC Magazine for a Technology Award in the category of ‘Best SME Security Solution’. Our secure person-to-person file transfer solution has been recognised among the most innovative products addressing the security demands of smaller enterprises today. Winners will be announced at the SC Magazine Europe Awards on 23 April, to be held at London’s Hilton Park Lane.

MOVEit Ad Hoc ensures secure sending and receiving of sensitive files and messages between individuals and groups. It provides peace of mind for businessesSC Awards sharing mission critical digital information with their employees, partners and customers using Outlook or any simple browser interface. A recent Ipswitch study reveals that more than a third of people sharing information are doing so insecurely, through personal email or consumer file-sharing sites. MOVEit Ad Hoc provides a simple yet secure solution to sharing files which avoids this increasingly prevalent risky behaviour.

For over 20 years Ipswitch has been a leader in providing secure Managed File Transfer solutions. So it is an honour to be recognised by SC Magazine, not just for ourselves, but on behalf of the many businesses and industries that already depend upon Ipswitch File Transfer to protect their most valuable and sensitive information. It’s also particularly rewarding for MOVEit Ad Hoc to be recognised on the heels of our recent launch – our easy-to-use, IT-approved, person to person file transfer solution.

SC Magazine is the world’s largest dedicated IT security publication, serving the industry for over 15 years. The SC Awards Europe is among the most coveted and prestigious accolades for the information security industry, honouring vendors that deliver the most innovative security technologies.

A panel of industry judges from the information security profession will now pass judgement on the products and services put before them, including Ipswitch File Transfer MOVEit Ad Hoc. Review the shortlist for every category here. Read the latest awards build-up and coverage here. Book tickets for the event here, and find out more about MOVEit Ad Hoc here.

Guest Blog by Jeff  Whitney, Vice President of MarketingIpswitch File Transfer

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Are Employees Putting Your Company’s Data at Risk?

One of our key vendors, Ipswitch File Transfer conducted a survey of over 200 IT leaders and practitioners with security responsibilities about person-to-person file-sharing practices.  From the results that they gathered, this is what they found…

These results should alarm IT and security professionals.  Findings show that employees are circumventing IT staff by sending confidential and highly sensitive company files via means that are insecure and lack auditability. The results serve as a graphic reminder that when company systems hinder employee productivity, it’s both a security risk and bad for business.

There’s no way to sugarcoat the results of the survey, the highlights of which you can see in the Infographic below. Click here to register to receive the full research report results and recommendations.

 

Ipswitch File Transfer Survey Results - Person to Person File Sharing Risks

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Cloud File transfer Services Hosted in the UK are not subject to the Patriot Act

Over the years I’ve spoken to many clients about hosted data transfer systems, and the security implications of where your data is stored.  Generally there arelots of levels of sensitivity of data that a business might have. Sometimes the more commercial, cloud based technologies can fit, e.g. sending marketing collateral to a printers wouldn’t generally be considered sensitive data.  Over recent years however, there has been a worrying increase in the amount of enterprises who have either mandated the use of cloud based technologies for the distribution of sensitive data, or turned a blind eye to what employees are using off of their own back.  Naturally there are issues surrounding compliance here and potential brand damage should the data find its way into the public domain, but that’s been covered many times before and isn’t the focus of this blog.

 

A few days ago I spoke with an international consulting firm (who shall remain nameless). They confided in me that the organisation didn’t have a managed file transfer solution in place to cater for the ad hoc transfer of data between internal staff and external parties.  They disclosed that a decision had been taken to purchase a wetransfer.com channel for their business, but this IT Manager was very concerned about compliance and security of his data.  Having had some experience of wetransfer in the past I suggested that additionally he should be concerned about where his data was stored.  Being a predominately US based company, it could be possible that their data was making its way to their US data centres and therefore be subject to the Patriot Act.  I wasn’t scaremongering, this is true as there is no way to define which server your data resides on as it’s a consumer grade solution, predominantly adopted by enterprises to get them out of a hole.

 

When looking at securely transferring business critical data I can see why a company may opt to adopt a ‘big brand’ cloud solution, but its worth pointing out they’re generally big brands because they appeal to the masses and are consumer grade.  When selecting a cloud based technology its worth asking these questions:

 

  1. Where will my data be stored?
  2. What levels of physical security are in place at these data centres?
  3. What security is in place to protect my data at rest in these locations?
  4. Is my data encrypted in transit and at rest at all times?
  5. Who within the organisation supplying the service has access to my files?
  6. What controls am I offered to administer and manage the service being used across my organisation?
  7. What compliance or data security standards do you adhere to?
  8. What logging and tracking do you provide to help me achieve compliance?

 

This list outlines some of the most important questions and is a good starting place.  If you’d like to discuss your file transfer requirements in more detail our consultants can help.  We’ve been working with file transfer technologies for more than a decade now and are well placed to be able to detail your requirements and help you identify the best technology fit.  Get in touch via our online form or call 0333 123 1240 or for International callers +44 1202 433 415.
Share on TwitterShare on FacebookShare on LinkedIn+1
 

Personal File Sharing in the Business: The Risks

It may be a new year, but we’re still facing the same old challenges on our return to the working world.  Personal file sharing is one of those challenges.  If employees are left to their own devices, the chances are they will turn to familiar consumer grade technologies such as Dropbox that were just not designed to adequately secure business data.

Micheal Osterman of Osterman Research succinctly summarises some of the key issues surrounding personal file sharing in his white paper, “Business-Class File Sharing Best Practices”.  Here is an excerpt from the paper:

Excerpted from “Business-Class File Sharing Best Practices”

The Status Quo Doesn’t Work

Business-Class File Sharing

  • Users are stymied because company email systems often do not permit file attachments of more than 10 to 20 megabytes to be sent, and it is not efficient at sending more than a few files at a time. Moreover, email doesn’t typically include a return receipt so the sender can know if the recipient ever received the email. Also, when email is used for file transfer, it imposes increased storage and bandwidth costs, slow message delivery, long backups, long restores, high IT management costs.
  • Many users will turn to their personal Webmail account because of their ability to send very large files through these systems. However, when users do so there is no IT visibility into the sent or received content, no tracking, no auditability, and no archiving. Moreover, corporate content can reside in personal Webmail repositories for many years, long after an employee may have left the company. While this makes life easier for users, it increases the risk to the organisation.
  • USB sticks, tablets and smartphones create the same problems: lack of security, higher costs, their likelihood of being lost or stolen, and the potential for content on them to be accessed by unauthorised parties.
  • Dropbox-like file sharing tools and cloud services can be effective, but they do not permit IT management or governance of content. And, they often are individual accounts and not under the sanction of IT which means that IT doesn’t have the visibility or insight into what is being transferred, nor does IT maintain any type of audit trail for this content.
  • SharePoint and similar tools are useful for sharing information if both senders and recipients are using it. However, SharePoint require the deployment of a dedicated infrastructure and training for end users, and it is not always easily accessible by remote workers or people external to an organisation.
  • Basic FTP client-server systems, while useful, require both the sender and recipient to have access to the FTP server to share information, which can be an ongoing provisioning burden for IT.
  • Physical delivery of information – such as CD-ROMs or DVD-ROMs that are burned and sent through overnight services – is expensive and the speed of delivery is slow

If you’d like to learn more about secure file sharing practices, you can access the full Osterman whitepaper here.  Alternatively, if you’d like to discuss your specific file sharing challenges with one of our managed file transfer experts, please don’t hesitate to contact us on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Socitm 2012: Managed File Transfer for Councils

We’ve been working closely with councils throughout the UK to simplify, secure and streamline their file transfer, so we couldn’t miss the opportunity to attend Socitm 2012; the No. 1 UK ICT event for councils.  The conference has kicked off today (here’s a breakdown of the programme) and the Pro2col team are ready and waiting to share the knowledge and experience that we have gained from working with councils to secure person-to-person file transfers and automate the movement of sensitive data into and out of the organisation.

Pro2col Managed File Transfer at Socitm 2012

On a similar note, this is the ideal moment to publically release our lastest e-book: The Council’s Guide to Secure Managed File Transfer, which is now available for download.  It covers a range of issues surrounding the secure movement within councils including:

  • How to eliminate the problems caused when employees resort to insecure, non-compliant file transfer methods such as email.
  • Ensuring you meet with UK data security and compliance legislation including The Data Protection Act and PCI DSS.
  • Providing your employees with a quick and simple way to send and receive sensitive files both internally and with third parties.
  • Automating the transfer of files, saving time and money.
  • How to regain control over file transfer processes and user access.

If you’re at the conference and would like to speak to one of our managed file transfer experts, drop by stand 8 (piccy attached) – we’re always happy to help.  If you’ve not been able to make it this year and you’d like to talk to us, please don’t hesitate to get in touch with the office on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 
© Pro2col Ltd 2012 | Terms of Sale | Privacy Policy | Sitemap
Part of the Pro2col Group