Data Security Avoidance Could Mean Big Trouble, Personally > Windows in Financial Services

| Login

Windows in Financial Services offers a monthly e-newsletter providing the latest information on Microsoft’s growing role in the finance industry.

eNews Archives

eNews

Current Articles | Categories | Search | Syndication

Data Security Avoidance Could Mean Big Trouble, Personally

By Don Canning, Microsoft

Recent data leakage cases have stirred discussions surrounding personal liability and harsh penalties. While there are currently no criminal laws in place for loss of a client’s private data, there is certainly an increase of discussion and movement in this direction in many areas of the world.

Recent data leakage cases have generated numerous news articles and debates regarding the possibility of personal liability – including in-depth discussions on the various severities of penalties. These discussions focus squarely on the situations where loss was the result of “gross failures” to protect citizens’ private information. As one example, the harshest of penalties being discussed by the Ministry of Justice in the United Kingdom is a two-year prison sentence for the most serious of offenses. All it would take is one case in one country to enact a penalty such as this, and we would likely see other countries following close behind with their own laws. While it has been easy for businesses and individuals to look the other way when it comes to protecting sensitive client and business information, one must now consider the personal sacrifice and personal costs associated with wearing their data security blinders.

Up until recently, avoidance of the problem may have been the only real option given the effectiveness of solutions available and the lack of consequences associated with failure to take action. With the significant increase in laptop loss and data theft incidents that have resulted in the compromise of private client data, the endpoint has easily taken the title of being the “weakest link” in protecting an organizations’ sensitive data.

When organizations look to overcome this challenge, they need to find solutions that approach the problem in multiple layers, including: 1) system protection, 2) data protection, and 3) enforceable policy compliance. With the availability of “unified endpoint security” offerings and the more recent introduction of data leakage prevention (DLP) offerings, the required solution components are finally available to help organizations protect their sensitive data – and ultimately, protect its employees at both a professional and personal level.

“While a number of financial and insurance organizations have adopted good security practices when it comes to protecting their clients’ private data, there are still a large number that have chosen to accept significant business risk by avoiding the problem altogether,” says Sean Martin, vice president of marketing for SkyRecon Systems of San Jose, CA, and a Certified Information Security Systems Professional (CISSP). “As the idea and real possibility of personal liability comes into play, the people responsible for IT and/or security operations within organizations must reconsider their avoidance strategy and begin to look for real solutions to the problem – beginning at the weakest link, the end-user sitting at his or her laptop or desktop PC.”

SkyRecon has delivered an effective solution that combines the aforementioned layers of protection meshed into a single endpoint system, protecting both the endpoint and sensitive data from compromise while providing integrated tools to prove that the endpoint security policies are in fact defined, deployed, and enforced. SkyRecon’s StormShield product provides centralized single-agent policy management, delivering system protection, data protection and enforceable policy compliance. StormShield’s system protection protects laptops, desktops, and servers from attack and compromise and protects sensitive data from compromise and misuse. Its data protection services authorize the use of laptops, desktops, servers, applications, and removable devices and protect sensitive data from loss, theft, and misuse. Its enforceable policy compliance includes centralized dynamic policy management for connected and remote endpoints, and centralized compliance auditing and reporting.

SkyRecon’s solutions deliver proven and valuable tools that help organizations manage their business in support of their internal and regulatory policies – ultimately helping them to protect their clients’ sensitive and private data. StormShield supports laptops, desktops, and servers running the Windows operating system. A natural complement to Microsoft Forefront, StormShield rounds out the protection for networked environments that utilize Microsoft SQL Server and/or leverage Microsoft NAP. The centralized policy management and reporting tools provided within the SkyRecon Management Console is delivered via integration with Windows .NET technology.

As a Microsoft Gold Certified partner and an active member of the Microsoft-led SecureIT Alliance, SkyRecon is dedicated to delivering endpoint security solutions that meet the financial and insurance industries current and future needs for protecting their business processes and sensitive information.

With headquarters in Paris, France and San Jose, California, SkyRecon provides Windows-based endpoint security solutions to insurance businesses and institutions across the globe.