Archive for the ‘Data Breaches’ Category

PECRs (Cookies) Implementer guide for public sector websites

March 28th, 2012 by

What are you doing to comply with the new Cookies Law?

According to official guidance from the Government Digital Service (GDS), RECOMMENDATION 1 is to undertake a comprehensive audit of cookies.

The guidance states that ‘… Where it is not possible for a department’s web team to definitively list all the cookies (both first- and third-party), an external organisation can be commissioned to carry out an audit.’

Cookies Audit Service
Book during March for delivery during April

RRP: £1,495
Price: £995
You Save: £500 (when booked during March 2012!)

The one year period of grace for compliance with the new Cookies Law is nearly gone – from 26 May 2012, websites that are not compliant with the revised PECR run the risk of attracting attention from the Information Commissioner – and, possibly, a regulatory penalty of up to £500k.

There are less than three months to pull together your EU Privacy Law compliance strategy – and compliance is not going to be straightforward.

  • Do you know what cookies your site installs?
  • Do you know how intrusive or essential they are?
  • Do you know how to get the ‘informed consent’ of your visitors prior to installing each of the cookies?

There will be difficult decisions to make and technological website changes to implement. Web developers are not compliance experts. The compliance obligation falls clearly and squarely on the website operator. As there has been a 1 year lead-in period, there is no excuse for not having made a start on compliance.

The essential first step is to complete a Cookies Audit. A Cookies Audit will tell you what cookies you have on your site and will tell you what steps you need to consider in order to become compliant. The ITG Security Testing Cookies Audit is a quick, effective and thorough process that delivers all the information the ICO expects of such an audit – and, alongside our detailed analysis of your cookies, we throw in extra value, such as relevant opt-in text and a cookie security assessment.
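As an added illustration of what the first audit step involves (this is example code, not ITG's audit tooling and not part of the GDS guidance): given Set-Cookie headers captured from a crawl of the site, here constructed sample headers for a hypothetical public-sector site at example.gov.uk, it lists every cookie, marks each as first- or third-party against the site's registrable domain, as session or persistent, and flags missing Secure, HttpOnly and SameSite attributes. The purpose guess keyed on cookie-name prefixes is a starting point only: which cookies are 'strictly necessary' under PECR, and which need consent, is a judgement the website operator has to make and record.

```python
"""Inventory cookies from captured Set-Cookie headers (added example, not ITG's audit tooling)."""
from dataclasses import dataclass, field

# Example-only purpose guesses keyed by name prefix. A real audit confirms each
# one by hand; which cookies are "strictly necessary" under PECR is a judgement call.
KNOWN_PREFIXES = {
    "sessionid": "strictly necessary (session)",
    "csrftoken": "strictly necessary (security)",
    "_ga": "analytics (consent needed)",
    "_gid": "analytics (consent needed)",
    "__utm": "analytics (consent needed)",
}


@dataclass
class CookieRecord:
    name: str
    set_by_host: str       # host whose response carried the Set-Cookie header
    domain: str            # effective cookie domain (Domain attribute or the host)
    party: str             # "first" or "third", relative to the audited site
    persistence: str       # "session" or "persistent"
    purpose: str
    issues: list = field(default_factory=list)  # missing security attributes


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, {attr_lower: value})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def is_first_party(cookie_domain, site_domain):
    """First-party if the cookie domain is the site's registrable domain or a subdomain of it."""
    cd = cookie_domain.lower().lstrip(".")
    sd = site_domain.lower()
    return cd == sd or cd.endswith("." + sd)


def classify(site_domain, set_by_host, header):
    name, _value, attrs = parse_set_cookie(header)
    domain = attrs.get("domain", set_by_host).lstrip(".")
    party = "first" if is_first_party(domain, site_domain) else "third"
    # Persistent if it carries Expires or a positive Max-Age; otherwise it dies with the browser session.
    max_age = attrs.get("max-age")
    persistent = "expires" in attrs or (
        max_age is not None and max_age.lstrip("-").isdigit() and int(max_age) > 0
    )
    purpose = next(
        (p for prefix, p in KNOWN_PREFIXES.items() if name.startswith(prefix)),
        "unknown: review needed",
    )
    issues = [f"missing {flag}" for flag, key in
              (("Secure", "secure"), ("HttpOnly", "httponly"), ("SameSite", "samesite"))
              if key not in attrs]
    return CookieRecord(name, set_by_host, domain, party,
                        "persistent" if persistent else "session", purpose, issues)


def audit(site_domain, captured):
    """Return (records, summary) for a list of (response_host, set_cookie_header) pairs."""
    records = [classify(site_domain, host, hdr) for host, hdr in captured]
    summary = {
        "total": len(records),
        "third_party": sum(r.party == "third" for r in records),
        "persistent": sum(r.persistence == "persistent" for r in records),
        "needs_review": sum(r.purpose.startswith("unknown") for r in records),
    }
    return records, summary


# Constructed sample headers for a hypothetical public-sector site, example.gov.uk.
CAPTURED = [
    ("www.example.gov.uk", "sessionid=9f1c; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("www.example.gov.uk", "_ga=GA1.3.1234.5678; Domain=.example.gov.uk; "
                           "Expires=Fri, 26 May 2014 00:00:00 GMT; Path=/"),
    ("cdn.widgets-example.net", "uid=a7b3; Domain=.widgets-example.net; Max-Age=31536000; Path=/"),
    ("www.example.gov.uk", "prefs=lang%3Den; Path=/; Secure"),
]

if __name__ == "__main__":
    records, summary = audit("example.gov.uk", CAPTURED)
    for r in records:
        print(f"{r.name:<10} {r.party}-party {r.persistence:<10} {r.purpose:<32} "
              f"set by {r.set_by_host}; {', '.join(r.issues) or 'no attribute issues'}")
    print(summary)
```

Run it stand-alone and it prints one line per cookie plus the summary counts. Two caveats a practitioner should keep in mind: the site's registrable domain is passed in by hand rather than derived from the Public Suffix List, so do not feed it bare hostnames, and cookies set by JavaScript rather than by a Set-Cookie header will not appear in captured responses at all, which is one reason a browser-driven crawl is needed for a complete inventory.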

Don’t take chances – get an experienced website testing firm to audit your site right away. Don’t get caught in the last-minute rush, when prices go up and resource availability goes down. Until 30 March 2012, pay only £995 per website: book online, email us or call our customer service team and get your Cookies Audit scheduled right away.

0845 070 1750

Act today. We’re ready and waiting for your call.

ICO Fines Police For The First Time – £70,000 For One DPA Breach

March 27th, 2012 by

The Information Commissioner’s Office (ICO) has served a £70,000 penalty to Lancashire Constabulary after papers containing sensitive information about a 15 year old girl were found on a street in Blackpool. This is the first penalty the ICO has issued to a police force.

In an almost comical turn of events, it is said that the missing person’s report was left in the car of an officer who was trying to track down the individual in question. The report then somehow made its way out of the car; the ICO uses the phrase ‘…the report fell out of the car’. Perhaps it was its turn on the tea run.

The report was found by a member of the public and handed in to a local newspaper. It contained extremely sensitive information about the girl, including her name, age and address, the fact that she had been raped, the identity of her attacker, and details of 14 other people.

There are many issues at play here…

One: would Lancashire Constabulary even have noticed if the report had not been found and handed in?

Two: did the Constabulary have any process for reporting the loss or theft of documents, and thus a plan of action for such an event? (Yes, this is a rhetorical question: they blatantly did not.)

Three: how many other instances of careless handling and mishandling of sensitive information go on up and down the country in our constabularies?

The Information Commissioner slapped a £70,000 fine on Lancashire Police, which has also signed an undertaking to improve its data handling procedures. Considering the nature of the loss and the sensitivity of the information, Lancashire Police might well feel lucky not to have incurred a larger fine.

Steve Eckersley, the ICO’s Head of Enforcement, said of the incident:

“The fact that information as sensitive as this could go missing without anybody realising is extremely worrying, and shows that Lancashire Constabulary failed to have the necessary governance, policies and suitable training in place to keep the personal information they handle secure.”

“The loss of this information and the news that it had been leaked to a local newspaper is likely to have been extremely distressing for all involved.”

Complying with the Data Protection Act and ensuring you handle data correctly isn’t that difficult, especially when someone else has already thought through the solution for you.

Buy the DPA Compliance Toolkit today: its user-friendly tools and resources will guide you through your DPA obligations and help ensure you are DPA compliant.

Complete Data Protection Toolkit

Price: £156

Buy the DPA toolkit today >>>

Compliance, Compliance, Compliance. Say it as many times as you like, it doesn’t make it go away.

March 20th, 2012 by

Compliance is a dirty word that many folk get turned off by and tend to ignore. Let’s turn this around and make it exciting. Let’s make it easy and let’s make it a positive business enabler!

There are three compliance issues that I want to discuss today, and before you turn off and press Ctrl+D, you will not want to miss this, I promise!

I’ll start with a little teaser. Would you like to achieve any of these outcomes:

  • Reduce your monthly costs?
  • Demonstrate to the board that you are protected against fines?
  • Empower your customers to love you even more?
  • Win new business because of your competitor’s shortcomings?
  • Attend a one day training course for free?

I’m guessing that you agree with all of these, yes? Great, let’s find out how …

Read on or skip to the good stuff!

The three compliance issues I want to discuss are issues that affect many UK organisations. Firstly we have the UK Data Protection Act (DPA). Secondly we have the Payment Card Industry Data Security Standard (PCI DSS). And finally we have the very real threat that all organisations should be looking to combat right now: the threat of cyber attack.

Ok, you may be thinking that cyber security isn’t a compliance issue. Technically you may be correct, but in reality, sooner or later your shareholders, your customers and more than likely your supply chain will be demanding that you demonstrate compliance with ISO 27001, the international standard for information security management.

So how will compliance help achieve these outcomes? It’s fairly straight forward …

Reduce your monthly costs:
Have you checked your bank charges statement lately? Have you seen the charge for ‘PCI DSS compliance’?
This isn’t a charge for compliance; it is really a charge for non-compliance, and it is costing most SMEs £600+ per annum.

Demonstrate to the board that you are protected against fines:
Organisations found to be in breach of the DPA are being fined up to £500k by the Information Commissioner’s Office! Achieving and maintaining DPA compliance greatly reduces this risk and protects you from regulatory fines.

Empower your customers to love you even more:
By achieving DPA and PCI compliance, you will demonstrate to your customers that you take the security of their personal and sensitive data seriously. You will give them confidence to spend money with you and they will love you even more.

Win new business because of your competitor’s shortcomings
The press are all over data breaches and cyber attacks right now. Take a look at Sony: following a stream of data blunders, primarily at the hands of cyber criminals, they have basically sent their customers packing. Savvy competitors have capitalised on Sony’s misfortune (‘misfortune’ used very loosely here) and won market share by demonstrating robust cyber resilience, thus inspiring confidence in the marketplace.

Attend a one day training course for free
Do I have your buy-in for achieving compliance with the DPA, PCI DSS and ISO27001? Great, let’s find out how to make it exciting and easy. I hope by now, that you’ve seen how compliance can be a positive business enabler.

The DPA, PCI and ISO 27001 Foundation Combination Package is the most cost effective route to DPA and PCI compliance and will set you on the path to ISO 27001 Certification.

DPA, PCI and ISO 27001 Foundation Combination Package
Book in March to get one course free!

RRP: £1,429
Price: £954
You Save: £475

When you book all three together during March 2012, you get three for the price of two!

Attend:
PCI Foundation Course – 29 March 2012
ISO27001 Certified ISMS Foundation – 5 April 2012
DPA Foundation Course – 11 May 2012

Please note: We offer full flexibility on course dates and you can send a different delegate on each course. If you have specific requirements that differ from the options available please call 0845 070 1750 or email servicecentre@itgovernance.co.uk.

Don’t delay. Use any remaining budget you have to tackle these important compliance issues. Book Today!

Become DPA compliant with our March offer. Avoid fines and brand damage.

March 15th, 2012 by

All UK organisations must comply with the Data Protection Act (DPA). Failure to do so could incur a monetary penalty of up to £500k from the Information Commissioner’s Office (ICO).

If you have any budget left for this financial year and want to get on top of this compliance issue, don’t delay in purchasing the Complete Data Protection Toolkit. It only costs £156 and gives you a complete do-it-yourself solution.

As an additional benefit, when you purchase the Complete Data Protection Toolkit during March 2012 we’ll send you a free Cyber Security Self Assessment Tool, which will enable you to assess the overall security posture of your organisation!

Don’t hesitate, buy today!

Complete Data Protection Toolkit
Buy today and get a free Cyber Security Self Assessment Tool!

Price: £156

The Complete Data Protection Toolkit provides all the tools and resources you need to carry out your own DPA project and become compliant quickly and cost-effectively.

Find out what’s included and how you can put it to use today.

Ensure your organisation avoids fines and brand damage, and become DPA compliant today.

Cookies Law Compliance – spend £1k to avoid a £500k fine

March 12th, 2012 by

The one year period of grace for compliance with the new Cookies Law is nearly gone – from 26 May 2012, websites that are not compliant with the revised PECR run the risk of attracting attention from the Information Commissioner – and, possibly, a regulatory penalty of up to £500k.

There are less than three months to pull together your EU Privacy Law compliance strategy – and compliance is not going to be straightforward. Do you even know what cookies your site installs? Do you know how intrusive or essential they are? Do you know how to get the ‘informed consent’ of your visitors prior to installing each of the cookies?

There will be difficult decisions to make and technological website changes to implement. Web developers are not compliance experts. The compliance obligation falls clearly and squarely on the website operator. As there has been a 1 year lead-in period, there is no excuse for not having made a start on compliance.

The essential first step is to complete a Cookies Audit. A Cookies Audit will tell you what cookies you have on your site and will tell you what steps you need to consider in order to become compliant. The ITG Security Testing Cookies Audit is a quick, effective and thorough process that delivers all the information the ICO expects of such an audit – and, alongside our detailed analysis of your cookies, we throw in extra value, such as relevant opt-in text and a cookie security assessment.

Don’t take chances – get an experienced website testing firm to audit your site right away. Don’t get caught in the last-minute rush, when prices go up and resource availability goes down. Until 30 March 2012, pay only £995 per website: book online, email us or call our customer service team and get your Cookies Audit scheduled right away.

0845 070 1750

Act today. We’re ready and waiting for your call.

End-to-end solution for all your DPA needs

March 8th, 2012 by

Compliance with the UK Data Protection Act (DPA) is a high priority right now, especially considering the recent fines issued by the Information Commissioner’s Office (ICO) for failures to protect sensitive data.

If you have any budget left for this financial year, you should be looking to get maximum value by securing the training and resources to help with compliance issues over the next few months.

At IT Governance, we’re committed to helping organisations to get the most from their budgets and offer you the chance to buy now and save for the future.

We have the end-to-end solution for all your information security, IT governance, risk management and compliance needs.

For Data Protection Act Compliance we offer everything:

Talk to us today and find out how we can help you achieve DPA compliance on time and on budget.

0845 070 1750

DPA Foundation Course
Public and in-house courses available

Location: London
Next date: 11 May
Price: £440

This interactive and enjoyable one-day course gives both new and experienced staff and management – those involved with or responsible for personal data – an overview of what the Data Protection Act means to their business and to their own rights as individuals.

“I would like to thank the course tutor on behalf of the Troop for the in-house training that he delivered on Friday. Although I did not attend it myself, the guys got a lot out of the course and have now started firing questions at me (which means they were awake for the course!!!!!).
Please pass on my thanks to Ralph for a well structured and delivered course”
SSgt Lee Johns, MOD

Get to grips with DPA compliance

Book your place on this course today >>

Data Protection: Know Your Requirements

March 2nd, 2012 by

Data protection within the UK is a hot topic, and within your business it should be even hotter. If you or any of your colleagues breach the Data Protection Act (DPA), it could cost your firm up to £500,000 in fines from the ICO and inflict brand damage that could eventually close down your business.

Know your requirements within Data Protection and don’t let this happen.

Your business needs to operate in compliance with the Data Protection Act. Know your requirements with this essential book, available to download today >>

Data Protection Compliance in the UK: Second edition (eBook)
by Rosemary Jay and Jenna Clarke

RRP: £19.95
Price: £16.95
You Save: £3.00

Know your requirements with this handy DPA pocket guide >>

More to explore:

Data Protection vs Freedom of Information

Data breaches: Trends, costs and best practices

DPA Foundation Course – in London

Quick, cost-effective DPA compliance

February 22nd, 2012 by

There is a standard approach towards achieving DPA compliance:

  • Understand what the DPA is and how it affects your business
  • Identify your current level of conformance to the DPA
  • Identify gaps and the steps needed to achieve compliance
  • Document your DPA policies
  • Understand how to react if you suffer a data breach
  • Initiate DPA staff training.

Our Complete Data Protection Toolkit contains everything you need to use this recommended approach.

Complete Data Protection Toolkit
For quick, cost-effective DPA compliance!

Price: £156
Buy during February and get a free ICT Strategy Toolkit!

Ensure your organisation avoids fines and brand damage, and become DPA compliant today!

Buy this toolkit before the end of February and get a free ICT Strategy Toolkit!

Would you know if you were hacked?

February 17th, 2012 by

A report by Trustwave has revealed some startling statistics around data breaches, the most frightening being that most organisations don’t even know they’ve been hacked.

  • Only 16% of organisations that suffered a data breach last year were able to detect it themselves. This means that 84% only found out they had been hacked when they were told by an external party, such as a regulatory body, law enforcement or the public.
  • Those that were notified by an external party waited an average of 173.5 days before they were told.
  • The most popular password for organisations to use is ‘Password1’.
  • 89% of organisations were hacked last year because of the value of their customer records.
  • The food and beverage industry is the top target for hackers.
  • Between 8.00am and 9.00am (US Eastern Time) is the most likely window for an email with a malicious attachment to be sent.

Source: Trustwave

Does any of this ring a bell for you? Do you use ‘Password1’ or a similar phrase? Are you plagued by malicious emails? And most importantly, would you know if you were hacked?

The Complete Data Protection Toolkit provides everything you need to help you comply with the Data Protection Act (DPA), so that you become compliant quickly and cost-effectively. It will also help you reduce the likelihood of your business suffering a data breach.

Find out more about the Complete Data Protection Toolkit here >>
Complete DPA and PCI training: Book together and save £200!

February 14th, 2012 by

We are now offering you the chance to book the DPA Foundation Course and the PCI Foundation Course together, saving you £200!

The DPA and PCI Foundation Combination Course offers you the chance to tackle both compliance issues at a reduced price. Both courses (which take place in March 2012) cover the compliance basics and are ideal for those either new to the subject or those that want a refresher course in handling data.

Complete DPA and PCI training: Book together and save £200! >>

DPA and PCI Foundation Combination Course – in London

RRP: £935.00
Price: £735.00
You Save: £200.00

Complete DPA and PCI training: Book together and save £200! >>

The DPA Foundation Course and PCI Foundation Course are also sold separately on our website.