Data security 'should be a key focus in 2012'

Date: 31/01/2012

Protecting technology investments and increasing data security is set to become increasingly important for small business throughout 2012.

Calls made to 0800 phone numbers, which are recorded for training purposes and feature personal client details, may be one area in which firms need to make improvements.

EMEA security chief technology officer and director of security strategy at Symantec Greg Day explained how historically many companies fail to recognise the importance of protecting their sensitive information.

He claimed: "There is a disproportionate investment between the assets and the protection of the information they hold."

Mr Day warned that securing data should be the main focus for enterprises, rather than keeping technology devices safe.

"Protecting information is key, yet for most the balance between information and asset security is skewed towards assets," the expert remarked.

However, it was noted that many businesses are "slowly" starting to recognise this and realise "the threat has changed".

Independent information technology security consultant Kevin Wharram commented that in recent years there has been "a lot of hacking going on" and this is set to increase as devices become more and more commonplace.

The specialist suggested that malware will continue to be a threat, while data leakage will increase.

Mr Wharram described how protecting data "is a big issue now" as companies no longer only stand to sully their reputation, but also face a fine if sensitive information is accidentally released.

"The EU has proposed a new law, a European data directive, which actually states that they want to fine companies two per cent of their annual revenue in the event of data loss," he said.

Although call centres may previously have introduced data security systems to ensure their client details are protected, Mr Wharram's comments may inspire firms to look at new antivirus and software protection designed for the latest devices including Android phones and tablets.

According to the expert, as increasingly sophisticated technology enters the market, sensitive details risk being made increasingly public and the control of this "is going to be a big issue".

Mark Dampster, associate of the Centre for Cyber Security, urged companies "to place data security at the heart of their considerations as they go about their daily business".

He claimed everything that is done online and stored using internet technology should be "thought about carefully" by all employees within a firm.

It was noted that advancements in devices continue to move at the "usual exponential rate" and with this brings new threats and risks, as large amounts of information is produced and stored on the web.

"More data does not necessarily make it less secure but the nature of the data - its confidential nature, the location and the context - makes it more attractive to exploit and [provides] a greater opportunity to criminals," Mr Dampster remarked.

Considering ways to protect customer details and business strategies may be something firms decide to focus on over the next 12 months, as it was noted the movement towards online crime and the risks this presents to technology is "unknown".