Security of client data is paramount

MARK BLACKWELL, MANAGING DIRECTOR, XIT2

It seems that barely a month goes by without a famous firm falling victim to a data security breach.

The latest casualty is betting specialist Ladbrokes. Someone claiming to have access to its database of 4.5 million customers called the Mail on Sunday to sell the newspaper access to them, sending 10,000 details to show he was serious.

Luckily, the paper brought the incident to the attention of the Information Commissioner’s Office and a criminal investigation was launched.
Ladbrokes has told customers that no bank information was lost but on this occasion the house certainly did not win.

The perpetrator says he was given the data by a junior member of staff. This highlights the point that in many cases those who have the most exposure to sensitive information are junior staff such as data processors, administrators and call centre operatives.

With access to such a valuable commodity these employees are prime targets for fraudsters, and may be tempted to commit the fraud themselves.

Staff succumbing to temptation is a distinct possibility so it is vital that firms handling sensitive data ensure they are protected both from within and without.

For example, restricting data access to IP addresses at approved locations means that even if passwords are passed on no information can be accessed.

There will be further lapses in data security in 2010 and lenders must ensure it’s not them making headlines.