Tag Archives: IT

95% of UK businesses “still struggling” with mobile working as security of data continues to cause concern

Apricorn – the manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives – has unveiled new research results highlighting that 95% of organisations surveyed in the UK recognise problems with mobile and remote working. Worryingly, nearly one-in-five (18%) suggest that their mobile workers don’t care about security.

All (ie 100%) of those IT decision-makers surveyed noted that they had employees who work remotely at least some of the time, with an average of over one third (37%) of staff members who do so. With an increase in the numbers of people working remotely, this means more data moving beyond the confines of the corporate network. Organisations need to ensure that any data – be it at rest or on the move – remains secure.

While many are taking steps to ensure their data is protected, for instance by implementing security policies for mobile working and Bring Your Own Device, just under half of respondents (44%) still agree that their organisation expects their mobile workers to expose them to the risk of a breach. Roughly one third (32%) say that their organisation has already experienced a data loss or breach as a direct result of mobile working, while 30% of respondents from organisations where the General Data Protection Regulation (GDPR) applies are concerned that mobile working is an area that will most likely cause them to be non-compliant.

MobileWorkingSecurity

53% cited that one of their Top Three biggest problems with remote working is due to the complexity and management of the technology that employees need and use. Over half (54%) say that, while their organisation’s mobile workers are willing to comply with requests relating to security measures, employees lack the necessary skills or technologies required to keep data safe. Nearly one third (29%) take the radical approach of physically blocking all removable media, while a further 22% ask employees not to use removable media (although they have no technology means by which to enforce this).

“The number of organisations blocking removable media has increased compared with responses to the same question in 2017, when 18% said they were physically blocking all removable devices,” said Jon Fielding, managing director for the EMEA at Apricorn. “A unilateral ban isn’t the solution and ignores the problem altogether, while also presenting a barrier to effective working. Instead, businesses should identify corporately approved, hardware-encrypted devices that are only provided to staff with a justified business case for having such. The approved devices should then be white-listed on the IT infrastructure, blocking access to all non-approved media.”

Risk of data breaches

Despite strict security policies, mobile working can still leave organisations wide open to the risk of a data breach. Half (50%) of respondents admitted one of the three biggest problems with mobile working is that they cannot be certain their data is adequately secured. Only around half enforce and are completely confident in their encrypted data in transit (52%), in the cloud (52%) and at rest (51%).

“While the new GDPR legislation requires the ‘Pseudonymisation’ and encryption of personal data, encryption isn’t a new concept, and keeping data secure has always been imperative to any organisation handling sensitive information,” added Fielding.

In conclusion, Fielding stated: “Organisations are simply not following security Best Practice. They need to implement and enforce policies and provide employee training to ensure compliance with the GDPR. Failing to put processes in place is putting confidential data at risk. Organisations now face the prospect of being fined even before a breach has occurred.”

Advertisements

Leave a comment

Filed under Risk Xtra

CDVI UK receives Cyber Essentials accreditation

CDVI UK has announced the company’s successful accreditation to the Cyber Essentials security standards. Cyber Essentials is a Government-backed and industry-supported scheme designed to help organisations protect themselves against common online threats. This set of basic technical controls assists organisations in protecting themselves against common online security threats.

This certification is consistent with the continual desire of CDVI UK to offer secured solutions and products.

CDVI UK has been working with Luke Hargreaves, managing director at Cloud Smart Solutions, to secure the company’s IT network against cyber attacks. The business now has up-to-date and operative cyber security measures in place.

CyberEssentialsLogo

The latest update of the ATRIUM web-based access control to General Data Protection Regulation standards shows that CDVI’s product development is fully connected to the latest trends in the security industry.

The CDVI Group develops products ranging from biometric and online access control solutions through to electromagnetic locking, keypads, stand-alone entrance systems and door automation.

Leave a comment

Filed under Risk Xtra

Spiceworks survey shows one-in-four organisations “not confident” over security of cloud-stored data

Spiceworks has published the results of a new survey examining the adoption and perceptions of cloud storage and file sharing services in businesses across Europe and North America. The results show that Microsoft OneDrive is the most commonly used service, followed by Google Drive and Dropbox (among others). The findings indicate that, although the adoption of cloud storage services has grown rapidly, a quarter of business technology buyers are still concerned about hosting company data in the cloud and are therefore prioritising security when evaluating solution providers.

According to a similar Spiceworks report issued back in March 2016, 53% of organisations were using cloud storage and file sharing services. Among those organisations, 33% were using Dropbox, 31% were using Microsoft OneDrive and 27% were using Google Drive. However, the 2016 report revealed that OneDrive had the highest planned adoption rates.

Today, 80% of organisations are using cloud storage services, while an additional 16% plan to deploy a solution within the next two years. Currently, 51% of organisations are using Microsoft OneDrive, 34% are using Google Drive and 34% are using Dropbox. Additionally, 13% of businesses are currently using Apple iCloud, 6% are using Box, 6% are using Citrix ShareFile and 3% are using Amazon Drive.

When examining adoption rates by company size, the results show that OneDrive has the highest usage in enterprises – defined as businesses with more than 1,000 employees – with an adoption rate of 59%, compared to Google Drive at 29% and Dropbox at 25%.

SpiceworksCloudSecurity

Although OneDrive also claims the top spot in SMEs, the gap in adoption rates among the top players is much smaller. For example, among mid-size businesses with 100 to 999 employees, 54% are using OneDrive, 35% are using Dropbox and 33% are using Google Drive. In small businesses with one to 99 employees, 47% are using OneDrive compared to 39% using Google Drive and 34% using Dropbox.

Security: the most important factor for service selection

Among business technology buyers involved in the purchase decisions for cloud storage services at their organisation, security was considered the most important factor when evaluating providers. In fact, 97% said that security is an important to extremely important factor followed by reliability (96%), cost (93%), ease of use (93%) and vendor reputation (89%). Conversely, technology buyers believe factors such as document collaboration (67%) and app/tool integrations (59%) still matter, but are less important.

When asked to select up to five attributes that they most associate with the top providers, 39% of business technology buyers primarily associate OneDrive with being secure, compared to Google Drive at 28% and Dropbox at 19%. Google Drive ranks the highest in terms of reliability and cost-effectiveness, while Dropbox ranks the highest when it comes to ease of use. Additionally, Microsoft OneDrive was recognised as a trusted vendor and for being integrated with existing apps/tools.

Security of data stored in the cloud

Despite the pervasiveness of cloud storage and file sharing services, some organisations are not confident in the security of their data stored within those services. In fact, 25%of technology buyers believe their data in the cloud is ‘not at all’ to ‘somewhat’ secure. This is perhaps because 16% of organisations have experienced one or more security incidents – such as unauthorised access, stolen credentials or data theft – via their cloud storage service in the last 12 months.

Therefore, organisations are taking extra steps to enhance their data security when using cloud storage and file sharing services. 57% of organisations only allow employees to use cloud storage providers approved by their IT Department, 55% enforce user access controls and 48% train employees on how to use cloud storage services properly.

However, other security measures are less common, such as enforcing multi-factor authentication when using these services (28%), putting a cloud storage/file-sharing security policy in place (28%) and encrypting data in transit (26%) and at rest (22%) via their cloud storage service.

“It’s evident organisations are putting more trust into cloud storage services, but some are still hesitant despite the recent growth in adoption,” explained Peter Tsai, senior technology analyst at Spiceworks. “Although cloud storage services often include features that help in securing sensitive corporate information, there will always be risks involved when entrusting data to a third party.”

The Spiceworks survey was conducted in April and included the views of 544 respondents. Respondents are among the millions of business technology professionals in Spiceworks and represent a variety of company sizes, including SMEs and enterprises. Respondents come from a variety of industries, including manufacturing, healthcare, non-profits, education, Government and finance.

*For more information and a complete list of survey results visit https://community.spiceworks.com/blog/3058-cloud-storage-services-who-claims-the-top-spot-among-microsoft-google-dropbox

Leave a comment

Filed under Risk Xtra, Uncategorized

IFSEC organiser UBM previews ‘The Future of Security’ Seminar Theatre powered by Tavcom Training

In partnership with Tavcom Training, the provider of accredited security systems training courses, IFSEC International organiser UBM has unveiled some of the detail behind ‘The Future of Security’ Seminar Theatre. Sponsored by Panasonic UK, this will deliver a range of essential CPD-accredited presentations on the very latest in security technology design and integration when IFSEC 2018 runs at London’s ExCeL from 19-21 June.

Physical security systems are now heavily dependent on IT-based platforms. This intersection of technologies has opened up significant potential for security installers and engineers to offer even better solutions for their end customers. To reflect this demand, ‘The Future of Security’ Theatre will focus on these opportunities in offering a full set of free seminars. The sessions will expertly target key areas addressing cyber security, IT Best Practice, practical IP networking, integration and system design plus a wide range of additional core areas. All sessions will be delivered by specialist Tavcom trainers.

Delivering insight into the major security challenges, the cyber security sections will look into how robust approaches can strengthen an existing physical security system, providing the end user with even greater resilience to cyber threats.

From an IT security aspect, the sessions will include sessions on understanding firewalls and identifying vulnerabilities which can be inherent in the installation process. In addition, there will be exclusive sessions on the use of drones in security and how this technology is both a benefit and a hazard.

IFSECInternational2018ShowMeHow

‘The Future of Security’ Theatre will be a major element in the new ‘Show Me How’ project at IFSEC International 2018, which will identify education opportunities and exhibiting companies as key destinations where visitors can go to learn about Best Practice and capabilities. Exhibitors will host technical experts on their stands to ensure visitors gain a direct understanding of the products and solutions and making sure they leave fully equipped with the right knowledge.

At the event, all ‘Show Me How’ areas and exhibitors will be clearly signposted to help visitors make the best possible use of their time at IFSEC 2018.

With cyber crime being an ever-present threat exploiting business weaknesses around storing data in multiple locations, Panasonic UK is proactively taking action to thwart such threats by expanding its cyber offerings. In particular at IFSEC International 2018, the business will focus on how integrators and installers can bring additional value to end users by providing ‘cyber safe’ environments.

Paul Tennent, sales director at Tavcom Training, stated: “As a leading training provider for the security and fire installer sectors, Tavcom is excited to be part of the new position IFSEC is taking as a major education provider. Its been interesting to see the insights and research IFSEC has gained over the past year, particularly so in regard to the expectations and direct needs of the installer community. It’s also acutely apparent that growth areas and technologies in and around cyber security are becoming critical, so we’re happy to lend our expertise to the wider IFSEC audience.”

Gerry Dunphy, brand director for IFSEC International, responded: “We’ve been through an extensive research programme over the past 12 months which has provided IFSEC with a clear set of directions, matching the direct needs of our customers. They’ve told us they have a need to understand the future. They need guidance on areas such as how cyber security impacts on physical systems and they need to hear from specialists they can trust. Working with Tavcom Training on ‘The Future of Security’ Theatre is the perfect solution given Tavcom’s history and expertise in these core areas. Our customers have told us what’s keeping them awake at night and it’s IFSEC’s duty to help them rest more comfortably.”

*IFSEC International 2018 is co-located with FIREX International, Safety & Health Expo and The Facilities Show, offering a strategic blend of related business to business events focusing squarely on the protection and management of people, property and assets

Leave a comment

Filed under Risk UK News

‘Technology at the Edge’: Axis Communications unveils Top Five Trends to shape 2018

Surveillance specialist Axis Communications’ CTO Johan Paulsson has outlined the Top Five Trends that the company feels will shape the New Year. 

Paulsson stated: “As the Greek philosopher Heraclitus said: ‘The only one constant in life is change’. There’s perhaps no better example of this than the technology industry, where innovation is so rapid that even the most fantastic of imagined futures seem like they could become a reality in the not too distant future.”

Axis Communications has put together five top technology trends that the Lund-based business feels will have a great impact on the security and surveillance industry now and in the years to come, helping to facilitate a smarter and, of course, safer world.

JohanPaulssonCTOAxisCommunicationsWeb

Johan Paulsson: CTO at Axis Communications

(1) A move towards the edge

“Two of the greatest trends that have propelled our industry forward in recent years,” observed Paulsson, “are cloud computing and the Internet of Things (IoT), both of which are delivering undeniable benefits to businesses and consumers alike. That said, they also come with implications, namely the rise in the amount of data being transferred, processed and stored. Going forward, we anticipate that ‘edge’ computing will become ever popular, alleviating this issue by performing data processing at the ‘edge’ of the network, closer to the source of the data. Doing so significantly reduces the bandwidth needed between sensors, devices and the Data Centre.”

(2) Cloud-to-Cloud

Paulsson observed: “Despite the move towards edge computing, the cloud will continue to play a significant role in IT infrastructures. As an increasing number of companies offer cloud-based services, the cloud ecosystem is increasingly becoming the preferred point of integration, rather than the traditional on-premise system. One benefit of integration between clouds is the significant potential reduction of in-house IT services required, in turn creating great cost benefits.”

(3) Deep and machine learning

According to Paulsson: “We’ve now reached a stage where the full benefits of deep learning architectures and machine learning can begin to be realised. The explosion of data available to analyse is helping businesses become increasingly intelligent. As applications develop, there are significant opportunities for predictive analytics which could facilitate incident prevention: from terrorist incidents to slip and fall accidents; from traffic issues to shoplifting and even the tragedy of rail suicides.”

(4) Cyber security

“Once again,” outlined Paulsson, “cyber security must appear on the list of trends for the next 12 months and beyond. The constant enhancement of cyber security will be a never-ending task. This is because well-resourced cyber criminals will never stop looking to exploit vulnerabilities in any new technology. As the number of connected devices grows, so too do the potential flaws that, if left unaddressed, could provide the opportunity for networks to be breached.”

Embellishing this theme, Paulsson said: “Legislation is being created to address these concerns. In the European Union, the forthcoming General Data Protection Regulation – the deadline for compliance for this being 25 May – will unify the protection of data for individuals within the EU, wherever that data is held or used.”

(5) Platforms to realise the full benefits of the IoT

In conclusion, Paulsson informed Risk UK: “The IoT has reached a point where it’s crucial to use scalable architecture to successfully collect and analyse data and manage the network of connected devices. Such an IoT platform allows equipment from different node vendors to co-exist and easily exchange information to form smart systems using existing network infrastructure. There are numerous companies, both well-established providers of technology and new market entrants, that are enabling platforms to support IoT devices. The next 12 months will see further maturation of this process.”

*Read more: https://www.axis.com/blog/secure-insights/technology-trends/

Leave a comment

Filed under Risk UK News

Electronic Fire and Security Industry Symposium 2018 topics announced by Euralarm

The newest edition of the Euralarm Symposium will take place in Bucharest on 4 June next year. In five years, the conference has established itself as one of the most important when it comes to significant market developments in innovation, legislation, regulation and standardisation as they affect the electronic security and fire safety sector.

Never shying away from controversial topics impacting the industry and with a view to providing business relevance, the annual event is aimed at Euralarm members, namely companies within the industry and national associations across Europe. It’s set to attract a large crowd. Notably, European stakeholders – both from institutions and advocacy groups – are expected to join the conference.

EuralarmLogo

Topics for the 2018 Euralarm Symposium have been chosen for their broad appeal. The common thread will be the continually changing business environment and how this can be addressed to offset the challenges that globalisation and technological developments have set for the industry.

Qualifying to compete In today’s market, companies must qualify to compete. The EN 16763 Services Standard – one of the first to focus on the tertiary sector – was only a stepping stone. National players must now set out to outline how skills, experience and knowledge are verified and establish qualifications that are valid ‘across Europe’.

Keeping Security secure In the context of the EU General Data Protection Regulation and ever-evolving cyber security risks, the fire safety and security industry must define and implement measures to protect its products and solutions. Measures for IT infrastructures essential to the industry must be implemented while at the same time keeping European citizens secure.

Regulating construction products Euralarm’s Construction Products Regulation (CPR) Task Force is studying the influence of the CPR on the harmonised standards for fire safety. The objective is to develop a common understanding of how the CPR impacts the market today and how best to deal with the problems that Technical Committees such as CEN/TC 72 and CEN/TC 191 are facing. The Symposium will be the occasion for presenting and discussing the resulting publication and reaching out to EU stakeholders.

Lance Rütimann, Euralarm’s Advocacy Committee chairman, said: “The challenges for our industry are more complex with noticeable increases in both technical and regulatory developments and the resulting demand on new skills. We will embrace this exciting time with confidence to find the answers that can drive the growth and successful evolution of the market.”

Leave a comment

Filed under Risk UK News

Arc Monitoring moves to double Control Room capacity

Arc Monitoring has completed a major upgrade of its Control Room facilities. The revamp of one of the UK’s fastest-growing independent Remote Video Response Centres (RVRCs) reflects the confidence Arc Monitoring has in the continuing growth in demand for the services provided by operators within its National Security Inspectorate (NSI) Gold Category II Control Room.

“The boom within the construction industry, as well as a large number of solar energy farms springing up all over the UK, are just two examples of where opportunities have been created for RVRCs such as that run by Arc Monitoring to offer a cost-effective alternative to having security officers on site on a 24/7 basis,” said Jonathan Sturley, managing director of Bristol-based Arc Monitoring. “This is in addition to the demand for our services from a diverse range of other vertical markets. The significant investment we’ve made in upgrading our facilities will ensure that we’re able to continue to recruit additional high calibre operators in line with demand.”

ArcMonitoringControlRoom

In addition to doubling the number of workstations within its Control Room, Arc Monitoring has upgraded its IT infrastructure in order to take advantage of the latest data processing and network recording and storage technology. The business has also improved its demonstration and training facilities.

Established in 1999, Arc Monitoring partners with professional Installers across the UK. For over 18 years, the business has provided an alarm response service and remotely monitored thousands of sites across the UK.

Customers are offered free 24/7 technical advice on industry leading products such as those produced by CSL, Emizon, WebWay and Digital Communicators by Arc Monitoring’s in-house technical experts and field-based pre-sales team.

Leave a comment

Filed under Risk UK News