Protect what is important: your data and your IT system

IT security measures alone (firewalls and antivirus programs) do not provide sufficient protection for your data. Data thieves are seldom classical PC hackers. It happens much more frequently that sensitive data falls into the wrong hands through disloyal employees and intruders or through the theft of data carriers.

Not only is your own know-how at risk, but your company also suffers from a tremendous image loss if it becomes known that your customer data is not secure. This is why you should use a combination of strong mechanical protection and electronic protection (with alarm systems and video surveillance) to achieve efficient protection against this form of economic crime.

Classical forms of data stealing and industrial espionage

According to official figures, in the past three years a total of 8 per cent of all companies were affected by data theft and industrial espionage. The management consulting company Ernst & Young however assumes that there is a much higher number of unknown cases and it estimates that almost every middle-class company suffers from data theft in many different forms.

Typical forms of data theft are:

  • Collecting data per telephone
  • Copying of corporate data onto private USB sticks
  • Burning of CDs by employees
  • Copying and photocopying of important documents

By the way, over 60 per cent of these offences are conducted by active and former employees.*

Data theft through burglars © iStockphoto.com / Devonyu
Espionage through dishonest employees © iStockphoto.com / LeeTorrens

Data theft through burglars

Burglars who break into offices are frequently after a company's valuable IT equipment: computers and notebooks can be stolen quickly and turned into money. What happens to the data on the stolen computers and hard disks can no longer be controlled. This risk is usually underestimated, because although the office equipment is insured and the computers are protected by passwords, the data are open to misuse as soon as the thieves have cracked the passwords with the use of tools easily available on the Internet.

Espionage through dishonest employees

Also a risk for your company: service providers who can enter and leave your offices at will. Cleaners and craftsmen often have extensive access to areas that are off-limits to other employees, for example the office of the Managing Director. If one of these people has a certain amount of criminal energy, then he/she is presented with ideal conditions: he/she can rummage undisturbedly through documents, view and copy data.

What to do? – Six tips for increasing IT security

  1. Make your staff more aware of the problem:
    Data security is a management task. Explain the significance of carefully handling data to your staff.
  2. Define precise authorisations for your staff:
    Not every employee requires access to your customer database, the article database or your CRM. Not everyone has to be able to do everything. Define exactly, who can do what.
  3. Eliminate any weak spots on the office PC:
    USB connections and CD burners are frequently misused for unauthorised copying of data. Restrict all rights here to cover the bare minimum required. The uploading of data from a PC to the Internet should also be restricted.
  4. Monitor your business premises using video surveillance:
    Keep a watchful eye on your offices, monitor what happens in your offices and at your photocopiers after closing time. However, you must observe the statutory rules for video surveillance.
  5. Issue access authorisations:
    With locking systems (mechanical and electronic) you can define who can enter which rooms. The "master key" is something only one person should have: the Managing Director.
  6. Secure your office, both electronically and mechanically:
    Powerful mechanical protection in combination with an alarm system and a video system helps you achieve maximum security for your company and your data. 

 

Source:
* Deutsche Unternehmen fürchten Datenattacken (German companies fear data attacks) - Ernst & Young survey on data theft. www.ey.com. Press release dated 16th May 2011 © 2010 Ernst & Young GmbH

ABUS products for IT security

Questions & answers

FAQ
Security glossary