UK businesses are failing to adopt the security controls
needed to protect their customers' information, according to the
Department of Trade and Industry's biennial Information Security
Breaches Survey.
The survey, details of which will be released at the
Infosecurity show at Olympia next week, shows that increasing
volumes of business being conducted online have raised the priority
given to protecting customer data.
Most large organisations appear to have adopted best practice
regarding network and data security and 78% of those who accept
financial transactions now encrypt the data they receive to ensure
its confidentiality and integrity. However, smaller firms are less
likely to provide the required protection, and less than a third
encrypted the data they received.
Some 90% of respondents, however, seem to have got the message
that protecting customer information is important or very important
and a strong justification for security expenditure.
Although protection of wireless networks has improved since
2004, small firms are still not adopting strong controls, and many
organisations have yet to consider the security implications of
adopting Voice over Internet Protocol (VoIP) telephony. Despite the
widespread publicity given to VoIP products such as Skype, only
half have evaluated the security risks.
Meanwhile research carried outside Victoria Station in London by
Infosecurity Europe has found that 81% of people were willing to
part with all the personal information needed to steal their
identity for the chance to win an Easter egg bonanza. The survey
was carried out to raise awareness of the dangers of giving
personal information to strangers who could then commit identity
theft.
I can see the point that the Easter egg researchers are trying
to make about personal information, and it follows on from a
similar ‘public research stunt’ done on passwords. But this one, if
you’ll excuse the pun, is over-egging the pudding. Will these
snippets of personal information gained really pose an identity
risk? And if in the week before Easter, someone offers you a free
Easter egg at Victoria Station, wouldn’t you be taken in too? We’re
all human, and sometimes researchers can be too sanctimonious in
trying to make a point!