FSA Reports on Lack of Data Security

The FSA recently report on a lack of data security within the financial industries.

The report states that UK companies severely underestimate the risk of customer data loss and misuse. It also showed that the worst offenders, with respect to customer data, are the small/medium businesses (SMBs).

The report did not examine the threates from external attacks, but instead focused on internal threats.

While the report does provide advice to firms it “does not constitute formal guidance from the FSA. However, we expect firms to use our findings, to  translate them into a more effective assessment of this risk, and to install more effective controls as a result. Small firms should consider the specific data security factsheets that [the FSA] will make available to them on the FSA website”.

The report commented that some areas, e.g certain databases, are generally handled well but noted other areas are not, including:

“Large and medium-sized firms usually recognise the risks of data loss via laptops, USB devices and the internet. But few firms completely mitigate data security risks by locking down USB ports and CD writers, encrypting laptops and USB devices and blocking webbased communication facilities such as Hotmail and instant messaging. Small firms are very weak in this area, with few of them identifying or mitigating risks.”

The FSA Data Security Report

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: