Companies and public bodies are not doing enough to protect customers’ data, the UK’s privacy watchdog and a major survey of security have said.

The Information Commissioner said that the 94 security breaches reported to him last year was an “alarming” number.

The survey of more than 1,000 firms suggested that almost 90% of them let staff leave offices with potentially confidential data stored on USB sticks.

Firms and public bodies were urged to make data protection a priority.

Information Commissioner Richard Thomas said of the 94 data breaches, two thirds were committed by government or other public sector bodies.

Data had been recovered in only three of the 94 cases, he said.

The material included personal details of UK citizens, including health records.

“The evidence shows that more must be done to eradicate inexcusable security breaches,” he said.

Mr Thomas’ findings and the separate Information Security Breaches Survey will be detailed at the InfoSec show in London, the world’s largest event of its kind.

The survey was carried out by Price Waterhouse Coopers on behalf of the Department for Business Enterprise and Regulatory Reform.

According to the survey, almost 80% of firms that had reported a stolen computer had not encrypted data on the hard drive.

Chris Potter, from PricewaterhouseCoopers, which compiled the survey, told BBC News that overall attitudes to security had improved in the last 12 months.

System failures

“Companies have focused on the areas which have caused them most damage in the past, such as viruses and system failures.

“These tend to have caused the greatest cost in terms of business interruption.”

But he said the “biggest concern is around the protection of customer data, which companies clearly want to be good at.

“Sometimes that’s not translating into real action.”

He said particular threats were around the lack of encryption of data on laptops, the use of USB memory sticks and newer technologies like Voice over Internet Protocol.

“In all these areas the controls are not as strong as they are over traditional threats,” he said.

Mr Potter’s comments were echoed by those of the Information Commissioner.

Mr Thomas said: “The government, banks and other organisations need to regain the public’s trust by being far more careful with people’s personal information.

“Once again I urge business and public sector leaders to make data protection a priority in their organisation.”

Of the total reported to the commissioner, 62 security breaches were in the public sector, 28 were in the private sector and four in the charity or third sector.

Of those reported by public sector bodies, almost a third happened in central government and associated agencies, and a fifth in the NHS.

According to the PricewaterhouseCoopers report, fewer companies today are encrypting data on laptops than two years ago, despite a recent spate of high-profile instances of laptop losses with unencrypted information.

Mr Potter said: “We have seen in successive surveys that companies tend to be very good with preventing yesterday’s problems. Companies need to say on their toes to make sure they are addressing tomorrow’s problems.”

The report found that the number of attempts to hack into company networks had risen dramatically over the last two years.

“What is a really big concern is the proportion of large businesses that say hackers have got into their networks,” said Mr Potter.

Two years ago one percent of large businesses reported a hacker penetration compared to 13% in the current report.

The survey also said that figure was likely to be under-reported because many large firms did not admit to successful hacks on their networks.

Security breaches cost UK business roughly several billions pounds a year, said the report.

Leopard has been hacked in under two minutes using a flaw in Safari, while Vista and Ubuntu continue to stand firm.

The competition took place at the CanSecWest security conference in Vancouver, and pitted hackers against three laptops running Vista Ultimate SP1, Leopard OS X 10.5.2 and Ubuntu 7.10 to discover which was the most vulnerable.

A MacBook Air running a fully-patched version of Leopard succumbed in under two minutes, hacked by security researcher Charlie Miller who used a technique similar to a phishing attack, which involved clicking a link to a website containing malicious code, which allowed him to remotely access the machine.

Miller had been working on the exploit in the three weeks following the announcement of the challenge. He previously made a name for himself hacking the iPhone, though the Leopard exploit was far more lucrative bagging him a £5,000 prize from sponsor Tipping Point, who has notified Apple of the flaw.

At the time of writing both Vista and Ubuntu have yet to be compromised.

Source – PC Pro

BT Wholesale is close to launching an inexpensive new device that could radically improve the speed of ADSL broadband connections.
The telecoms giant claims that electrical interference from household objects – including televisions, set-top boxes and even Christmas tree lights – can reduce a broadband connection to a crawl.

Faulty or leaky power supplies from the electrical equipment interferes with the “Bell Wire” running around the home, creating excessive noise on the line.

However, BT has been trialling a device called an Interstitial Plate – or iPlate – that will slot into the master telephone socket and largely eliminate the noise, providing a significant boost for broadband speeds.

BT Wholesale demonstrated the technology to journalists today at its Gatwick headquarters. It showed how an ADSL connection running at 3.8Mb/sec was reduced to just 700Kb/sec when a nearby fluorescent lamp with a faulty power supply was turned on. When the iPlate was fitted to the master socket, the connection returned to its normal speed.

BT says it’s been trialling the device with around 1,000 customers with connection problems and has been very pleased with the results. “We’ve seen huge increases in speed,” claimed Ashley Pickering from BT Wholesale’s broadband access solutions team. On average, it makes one and a half megs of difference.”

Pickering says he expects the device to be launched within the next few months, with a retail price of around £10. The device can be fitted without the services of an engineer, simply by unscrewing a plate in the master socket and slotting the iPlate in. BT says it expects ISPs to distribute the device freely to customers with connection problems, saving on the expense of support calls and engineer visits.

Source – PC Pro

Half of all broadband customers are dissatisfied with their service, according to a new report.
The survey conducted by Uswitch ranked nine internet service providers and found that the gap between best and worst is widening, with a difference of almost 21% in customer satisfaction scores – an 8% increase on the year before.

Topping the list is PlusNet, which won the survey’s Best Overall Provider accolade by polling 86% in customer satisfaction. Resting at the foot of the list is Orange, with the survey claiming that over a third of its customers were unhappy with the service they were receiving.

Sky continued its ascent, clambering above arch rival Virgin Media in the rankings with an 81% customer satisfaction score. Virgin Media held steady with three quarters of its customers satisfied, but losing ground on value for money, customer and technical support.

Outside the big winners customer satisfaction scores slipped across the board, with the big losers being Pipex which slipped 9% to 45% and AOL dropping 6% to 59%.

No more excuses

“The ISPs used to put these problems down to teething problems, but it’s been seven years now,” says Uswitch spokesperson, Charlotte Nunes. “The technology’s bedded down and customers expect more than they did. Broadband is an essential part of people’s lives now, they depend on it and so when things go wrong they expect their ISP to sort it out.”

“Companies like TalkTalk have invested a lot of money in their customer service, it’s better now but it’s still got a way to go. But some companies like Orange are still charging premium rates for technical support and that’s a big part of why people are dissatisfied. We’d certainly like to see Orange making the same sorts of promises on technical support we’ve seen from TalkTalk.”

However, Orange says it’s on the right track.

“Our own customer satisfaction research, along with independent testing of our service, has revealed extremely positive findings,” claims an Orange spokesperson.

“This has come as a direct result of us having recently taken steps to improve our network capacity and customer services, which included investing heavily in our teams and we will continue to do so.

“Our focus is on getting things right for our customers and we shall continue working to improve the levels of service we provide as well as to offer clear, value for money propositions.”

Source – PC Pro