Feeds

Complacent UK corporates 'easy meat' for crooks

BCS issues wake-up call

  • alert
  • submit to reddit

Remote control for virtualized desktops

British businesses are too complacent over IT security and risk becoming easy targets for fraudsters and other would-be cyber criminals, the British Computer Society warns.

The organisation says uk.plc needs to get its act together on security or risk growing cybercrime losses. The society, which seeks to raise IT standards and promote best practice, highlights risks such as corporate data being lost from company laptops in its BCS Review 2005.

The publication offers six 'golden rules' for mobile security. Tips include: not allowing employers to use their own mobile device to store company information; recording the serial numbers of all PDAs and similar devices (including memory cards) and making use of access control and encryption technology mandatory.

The BCS Review 2005 features various case studies, best practice guidelines and an analysis of various topical issues in IT. Biometric identification, offshore outsourcing, ecommerce and IT training and education are all discussed at length. But its primary focus is IT security.

Although the threat of external cyber-criminals looms high in the public perception, the BCS warns that internal miscreants pose a greater security threat. The review draws particular attention to workers that have access to sensitive data such as salary databases, takeover plans, product research and development information and the like. Sensitive information should be protected using "simple security measures, such as encryption".

Public Key Infrastructure is a technology that never took off as expected but the BCS reckons that "encryption is now more easily and economically enforceable with the overheads of complexity and time delays previously associated with the technology now reduced. Using a 'vault' concept to store encryption keys, vaults can be stored off-line on smart cards or convenient USB key ring devices. This approach also offers protection even for a stolen laptop," it adds. ®

Related stories

BCS offers members proof of professionalism
NHS PKI project in sick bay
Hackers cost UK.biz billions
Security is our biggest ever challenge Gates

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.