The Ministry of Defence (MoD) has admitted that it has lost 340 laptops in the past two years with less than half having encrypted data.

In a response to a Freedom of Information request by Lewis PR, the MoD revealed that 120 laptops were stolen and 220 were lost. Only 25 were recovered. Also, 593 CDs, DVDs and floppy disks, 215 USB memory sticks, 96 hard-disk drives and 13 mobile phones also went missing, many containing sensitive data which was not encrypted.

Read the rest of the article here.

Gradian have partnered with PGP, a global leader in email and data encryption software, to offer comprehensive protection of data in the event of a lost laptop. The PGP Encryption Platform provides a single, leveraged, extensible architecture that reduces IT operational costs and eliminates the duplicative tasks, systems, training, and support issues that plague other approaches.

Gradian are PGP’s only European managed Service provider, and offer PGP Whole Disk Encryption as-a-service, delivering complete peace of mind and cost savings with our pay per use model.

The deal will see Gradian provide PGP® Whole Disk Encryption as-a-service for over 100 brightsolid users. The technology provides comprehensive, nonstop disk encryption for Windows and Mac OS X, enabling quick, cost-effective protection across PCs, laptops and removable media. Importantly, the encrypted data is continuously safeguarded from unauthorised access, providing strong security for intellectual property, customer and partner data, and corporate brand equity.

“We were impressed by the ease of deployment, and the fact that the protection is automatically enforced. The perfect security solution should be absolute yet invisible, and this service from Gradian is as close to that ideal as it gets” said Graham McKay Risk, Security and Business Continuity Manager at brightsolid. “A stolen laptop would be a nightmare situation for us, but this cloud-based service will maximise our protection, minimise our expenditure, and allow us to get on doing what we do best – worry-free.”

Damian Acklam, Managing Director at Gradian added “brightsolid are a forward-thinking company and see that a managed service will provide them with business benefits year after year. They’re reaping all the rewards of an award-winning architecture without needing to outlay huge sums of money. Security shouldn’t be a headache, and with Gradian’s managed services it’s anything but.”

Last week’s news that the US Financial Industry Regulatory Authority (FINRA) has issued a fine of $700,000 to Piper Jaffray & Co. for failing to retain approximately 4.3 million emails from November 2002 through to December 2008 illustrates one of the many obstacles that can fall in the way of recovery and growth. The company, a middle-market investment bank and institutional securities firm, also failed to inform FINRA of its email retention and retrieval issues, which impacted the firm’s ability to comply completely with email extraction requests from FINRA.

A fine of almost three quarters of a million dollars isn’t small change by anyone’s standards, and could quite easily mean the difference between a bumper year and a devastating loss. The lesson must be to ensure that security is a key cornerstone of any IT strategy. Regulatory requirements are top of the list, and storing information in a sensible and easy to access archive a must. Knowing that data is stored and protected has a double benefit: money doesn’t need to be expended to find illogically archived information, and a healthy bottom line remains intact.

Over the years Symantec have regularly gobbled up respected technology vendors in a bid to feed their appetite for success. As a vendor of some of the technologies they’ve targeted, we’ve experienced these acquisitions from an entirely different perspective – whilst still looking after the end users. We were partners of both Sygate and Altiris before and whilst they were acquired by Symantec in 2004 and 2008, respectively, and are Silver partners of PGP.

Today we still offer these three technologies: SEP v11 (the evolution of Sygate); Altiris and PGP. We’re the only privately-held service-focused company that does so. Our position here is unique – and it’s incredibly valued by customers. As an independent partner we act as a buffer between the end user and technology vendor. We offer consistency at a time of uncertainty, uninterrupted service and the advantage of an experienced partner to vendors going through change.

PCC turned to Gradian for guidance on how to best exchange data with individuals and organisations outside of the Government Connect Secure Extranet (GCSX). We recommended Proofpoint’s email encryption solution as it automatically encrypts and decrypts sensitive content, without end-users having to take special actions to ensure that confidential or private information is encrypted before being transmitted over the internet. It’s quick to set up, and incredibly easy to use.

The solution was originally trialled with the council’s occupational health service where medical information is exchanged between the council’s occupational health staff and external staff at surgeries in the area. Short set-up times and ease of use meant the Proofpoint solution was quickly hailed a success, and PCC were keen to start using the technology across other areas of the Council as soon as possible. PCC now use Proofpoint’s email encryption technology across several Council departments including occupational health, social landlords and the election service. However, the technology has been so simple to use that a full roll-out across the Council is on the cards.

Read the full story here.

Protecting Sensitive Information on a Wide Area Network

Background

Portsmouth is a city of about 188,500 people located in the county of Hampshire on the southern coast of Great Britain. It is the most densely populated city outside of inner London with 46.9 people per hectare. Portsmouth City Council (PCC) aims to help the residents of Portsmouth with all aspects of their day-to-day lives. The Council ensures the city is healthy, clean, safe and supportive for every one of its citizens.

“Set up, trialled and expanded across other departments. With Gradian’s help it’s definitely gone to plan.”
Derrick Hawkes, Portsmouth City Council

The Challenge

PCC had previously undertaken a project to comply with security requirements to connect to the Government Connect Secure Extranet (GCSX). This is a private Wide Area Network (WAN) which enables secure interactions between connected local authorities and other Government Secure Intranet (GSi) connected organisations, including the Department of Work and Pensions and the Police National Network.

Whilst working to ensure data exchanged between the Council and other government bodies was secure, PCC wanted to extend the same high level of security across their other interactions – with individuals and organisations outside of the GCSX.

Derrick Hawkes, Information Service Project Manager at PCC, explains: “Data security is taken extremely seriously at PCC. We need to exchange vital information with individuals and organisations such as landlords, occupational health practitioners and countless others every single day. Just because these people are out side of the GCSX does not mean the information we’re exchanging is any less important”. Derrick continues: “We need to exchange sensitive information quickly and securely to ensure the City Council provides an efficient and high quality service for our thousands of citizens”.

The Solution

PCC consulted independent experts Gradian Systems for advice on how best to protect the sensitive information that needed to be exchanged with non-GSCX bodies. Gradian recommended Proofpoint’s email encryption solution, which automatically encrypts and decrypts sensitive content, without endusers having to take special actions to ensure that confidential or private information is encrypted before being transmitted over the internet.

The solution was originally trialled with the council’s occupational health service where medical information is exchanged between the council’s occupational health staff and external staff at surgeries in the area. Short set-up times and ease of use meant the Proofpoint solution was quickly hailed a success, and PCC were keen to start using the technology across other areas of the Council as soon as possible. Derrick Hawkes reflects “All we have to do is register the external users on the system, send them instructions on how to connect, and then off we go. Gradian have recommended the ideal solution. It does exactly what it says on the tin – it protects
us.”

Previously, PCC transferred sensitive information via recorded mail. Not only was this more costly than email, but it was also time consuming. To ensure security, recipients would have to wait at least a day to receive the information they needed, and resulting actions would also be delayed. The Proofpoint Messaging Security Gateway has allowed PCC to reduce the cost and environmental impact associated with physical mail, and has dramatically increased efficiency.

“Gradian have recommended the ideal solution. It does exactly what it says on the tin – it protects us.”
Derrick Hawkes, Portsmouth City Council

The Result

PCC now use Proofpoint’s email encryption technology across several Council departments including occupational health, social landlords and the election service. However, the technology has been so simple to use that a full roll-out across the Council is on the cards. Derrick observes “There’s so much sensitive information everywhere – from names and addresses through to payment information. It would only take one email getting into the wrong hands to potentially harm our citizens, the service the Council offer and PCC’s reputation, and we cannot allow that to happen.”

It’s often hard to quantify the success of a security project, but Derrick sums it up perfectly: “Success is the fact that we suffered no data leakage. The solution works perfectly, Gradian have helped us work faster and with peace of mind.”

At this year’s show the Gradian and Proofpoint teams will be focusing on the huge threat posed by outbound email, which can lead to breach of compliance and unintentional data leakage. We’re tackling this issue through transparent email encryption and hoping to talk to CIOs from around the world about the importance of consolidating point products (Anti-spam, Anti-virus etc). It’s Proofpoint’s technology which has helped Xerity SRL reduce email security costs by more than 30%, whilst making email easier to manage and assuring compliance with the increasingly strict regulatory environment.

And just to keep things lively, we’re giving away an Apple iPad at the show!  Register here for your chance to be one of the first to own this amazing device. Come and visit us at stand L90.

The IT Directors’ profiles indicate that access control and data security are the two areas that will receive the most funding. Hot on the heels of these issues are risk management and wireless security.

The results (thus far) make for interesting reading, but it’s not hugely surprising. The recession has meant that spending has been low over the last 18 months, and the rate at which technology advances means that it’s more important than ever to protect your data from the ever advancing cyber criminals. Profit is precious, and to lose money, critical information and a strong corporate reputation just as we’re climbing out of the recession would be crippling.

If you can’t wait until June to find out how to tackle the hot topics that’ll be discussed at the IT Directors Forum, book a meeting with our security experts today.