Beobachten
- Pressemitteilung BoxID 528563
Cryptzone says Dropbox breach could have been a lot worse - but it's still time to wake-up-and-smell-the-coffee
"If that account also has your work stuff on it, you're dead in the water as far as the boss is concerned" - Grant Taylor, VP Europe, Cryptzone
(PresseBox) (Göteborg, )
Commenting on an admission by Dropbox's Vice President of engineering that the spamming of many of the cloud service provider's clients in recent weeks has been traced to an employee password re-use breach, Cryptzone says this highlights the dangers of using the same password for both business and personal usage.
"Most governance experts - ourselves included - will tell you to use different passwords for different systems, but this case is one of those 'wake-up-and-smell-the-coffee' moments for IT security professionals, as it shows the need to also keep passwords separate for work and personal internet activities," said Grant Taylor, European Vice President of the IT threat mitigation specialist.
"We would go further and argue that people should not be using Dropbox for many business purposes. CISOs and compliance managers would be horrified to know that confidential data was being moved out of the organisation's sphere of control. Free services by their very nature don't have the features to facilitate corporate control and management.
The problem here, the Cryptzone European VP says, is that members of staff, particularly the young, tend to blur the lines between work and play - and whilst it is perfectly understandable for them to use the convenience of a service like Dropbox to access work files at their leisure, their managers need to explain that when it comes to corporate data, such practices simply are not acceptable in today's regulatory environment.
If corporate information is moved to personal accounts in contradiction to corporate policies, you're dead in the water as far the boss is concerned. Apart from disciplinary action for the individual, their employer could be looking at investigation from regulatory bodies possibly resulting in severe fines. So when seeking to improve work/life balance, don't just think convenience, think risk, he says.
For more on Cryptzone: http://www.cryptzone.com
For more on the Dropbox revelations: http://bit.ly/QeQ8xX
"Most governance experts - ourselves included - will tell you to use different passwords for different systems, but this case is one of those 'wake-up-and-smell-the-coffee' moments for IT security professionals, as it shows the need to also keep passwords separate for work and personal internet activities," said Grant Taylor, European Vice President of the IT threat mitigation specialist.
"We would go further and argue that people should not be using Dropbox for many business purposes. CISOs and compliance managers would be horrified to know that confidential data was being moved out of the organisation's sphere of control. Free services by their very nature don't have the features to facilitate corporate control and management.
The problem here, the Cryptzone European VP says, is that members of staff, particularly the young, tend to blur the lines between work and play - and whilst it is perfectly understandable for them to use the convenience of a service like Dropbox to access work files at their leisure, their managers need to explain that when it comes to corporate data, such practices simply are not acceptable in today's regulatory environment.
If corporate information is moved to personal accounts in contradiction to corporate policies, you're dead in the water as far the boss is concerned. Apart from disciplinary action for the individual, their employer could be looking at investigation from regulatory bodies possibly resulting in severe fines. So when seeking to improve work/life balance, don't just think convenience, think risk, he says.
For more on Cryptzone: http://www.cryptzone.com
For more on the Dropbox revelations: http://bit.ly/QeQ8xX
Diese Pressemitteilungen könnten Sie auch interessieren
|
Protea Workshop: Web Gateway - Content Power von McAfee
, Sicherheit, Info-Point-Security GmbH
Inhalt des Workshops: Ohne Internet geht nichts, aber Cybercrime, Malware, neuartige Attacken, und Achtung: Malware, die auch von gut beleumundeten Seiten kommen...
|
Match & Meet: NovaStor bietet Backup- und Storage-Händlern eine neue Plattform zum Wissens- und Erfahrungsaustausch
Die Auftaktveranstaltungen zu NovaStors neuer Match & Meet Veranstaltungsserie finden am 03. Juni 2013 in Frankfurt am Main und Heidelberg sowie am 05. Juni 2013...
|
Neueste Informationen zur Bekämpfung von Produktfälschungen
, Sicherheit, Hewlett-Packard Deutschland GmbH
. - Erhalten Sie das neueste Update zum Thema Bekämpfung von Produktfälschungen Gefälschte Druckverbrauchsmaterialien sind eine ernste Bedrohung für Unternehmen...
