All the latest UK technology news, reviews and analysis
|
|
|
28 Oct 2008
Nearly a quarter of UK law firms have admitted to losing confidential data, according to a recent survey by Credant Technologies.
The data protection firm's survey of 100 law firms across the country found 24 per cent of respondents admitted to misplacing at least one mobile device containing confidential documents, putting case notes, contracts and client details at risk.
Just 13 per cent of those who said they had lost a device believed the data was protected as the device was secured and the information encrypted. On the other hand, almost four out of 10 (37 per cent) of the lawyers surveyed believed that if they did lose their mobile device the data would be easily accessible to a hacker.
While a third of respondents said they encrypt their data now, over 90 per cent believe a password alone is sufficient to protect the data. However, according to ex-hacker turned IT security consultant Robert Schifreen passwords are not up to the job of protecting sensitive information on a mobile device.
"You can download cracking software from Google that can break the average password in less than 30 minutes," he said. "These findings show just how naive the legal profession is when it comes to data security and I suspect other professions are just as bad, if not worse. The only answer is, if you store sensitive data you must encrypt it."
The study found that one of the biggest security gaps stemmed from the fact that one in five lawyers use their own personal mobile phones, notebooks and USB drives to store client and corporate information.
"It's worrying to note that so many unprotected devices have gone missing over the past few years, but personally I'm more concerned by how many personal mobile devices are being used by lawyers that clearly bypass any security procedures set up by the legal firm," said Michael Callahan, vice president of Global Marketing at Credant.
"This creates an uncontrollable environment for the IT security staff as they simply can't keep track of which devices they've secured and which they haven't. "
Callahan recommended that all organisations "implement a data protection policy that ensures all handheld, laptop and removable media are encrypted, managed and controlled centrally, which then enables the IT guys to be able to suspend access to the information if it is misplaced or stolen".
Latest stories from Management
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Salesforce.com Consultants, both Functional or Technical...
Enterprise Data Architect required by reputable Banking...
SSIS, SSAS, MDX, OLAP, OLTP, Data Warehousing, Data Modelling...
Specialist IT service provider is looking to recruit...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
We trust these people?
Sounds like solicitors have data security is modelled on that of the Government, MOD, Health Service... ! Least if they want to get it back they can use a service like www.usbstickfinder.com or www.gadgettrack.com Looks like lessons are never learnt, seem to remember the BCS called this an Alcohol Related Security Event, what an acronym, watch this space for more events coming up to christmas.
Posted by: Ritchie 29 Oct 2008
Total Bollocks
Amazing a company that provides data encryption solutions have completed their own survey which, yes you guessed it comes to a conclusion that law firms need to use encryption. Yet again vendor marketing fear uncertainty and doubt.
Posted by: Alex Bastard 29 Oct 2008