0333 123 1240 info@pro2colgroup.com

Globalscape Webinar | Simplify PCI Compliance

Payment Card Industry Data Security Standard (PCI DSS 3.0) Became Mandatory from January 1st 2015 Join Globalscape on this webinar to learn tips and best practices from Security Industry leading experts. If credit card processing or payments touch your organisation, the time is now to make sure you are in total compliance with Payment Card Industry Data Security Standards (PCI DSS). Make sure your growing organisation is protected at every branch, facility, office, or online—wherever card data is transmitted, stored, or archived.   Webinar Agenda: What is PCI? Why do I need to worry about this? What has changed in PCI-DSS Version 3.0 What are the best practices How can I be sure that I’m compliant? Q & A Event Type: Live Webinar Event Date: Thursday 22th January – 17.00 Hrs GMT   Review this Webinar Payment Card Industry Data Security Standard version 3 (PCI DSS 3.0) became mandatory Jan. 1, 2015. Prepare for PCI Qualified Security Assessors (QSA) using PCI 3.0 when it comes to merchant assessments and how well data security requirements are met. Globalscape sits on the PCI Security Standards Council and was chosen for membership in the Participating Organisation program. Globalscape has active involvement in the advance review of standards and input into the direction of the PCI DSS.   Globalscape EFT comprises of a full suite of data protection tools that achieves or exceeds compliance and security practices by the most rigorous standards. EFT’s High Security module facilitates compliance with PCI DSS v3, exceeding security practices mandated by the most rigorous standards, including PCI DSS, FIPS 140-2, HIPAA, DPA, and Sarbanes-Oxley (SOX). EFT also monitors, reports and...

Biggest UK Fines By The ICO in 2014

The Information Commissioners Office (ICO) is a government body set up to regulate those organisations which handle personally identifiable data. Retaining a register of companies and their nominated data handler ensures that the ICO can follow up on any reported data leaks or mishandling of data. The ICO has the ability to serve a company with an undertaking, prosecution, enforcement notice or a monetary penalty. None of these are good for business or for the individual involved, especially as all details are available in the public domain. In the past 12 months, the ICO took action on 88 individuals or companies. Below is a list of the worst performing businesses and the fines levied.   British Pregnancy Advice Service £200,000 – 7 March Kent Police £100,000 – 19 March Amber Windows £50,000 – 3 April Think W3 Limited £150,000 – 23 July Reactiv Media Limited £50,000 – 28 July Ministry of Justice £180,000 – 26 August EMC Advisory Services Limited £70,000 – 1 October Worldview Limited £7,500 – 5 November Parklife Weekender £70,000 – 5 December Kwik Fix Plumbers Ltd £90,000 – 22 December   Not all of these cases were data breaches, but data had been misused or not protected sufficiently to comply with current legislation by the company or individuals involved. Without the correct processes and policies in place or tools for the job, employees can easily make simple decisions that can put personally identifiable data at risk. Implementing the right Managed File Transfer or Enterprise File Sync & Share solutions for your organisation need not be difficult and can be a key component of your data security plan. With our assistance we can help you...

GDPR – What It Is & Why You Need To Be Prepared!

As we all battle on with the day to day activities of our jobs, it can be challenging to ensure that we’re on top of changes to regulations that might affect us. This it seems is very much the case when it comes to the general awareness for the planned introduction of the General Data Protection Regulation (GDPR). Having been in the European Commission’s think tank for nearly three years, GDPR is due to replace the outdated and somewhat limited EU Data Protection Directive. Last month our vendor partner, Ipswitch File Transfer, announced the results of a European survey of IT professionals attitudes to regulations and compliance. The results indicated a shocking lack of awareness of GDPR across the board, and with the regulation due to come into effect late this year or early next; the clock is ticking. GDPR is meant to unify and simplify data protection across 28 countries within the European Union (EU). Why should we be concerned? The range of its penalties are a little more extensive than the ICO monetary penalty maximum of £500,000 currently the most prolific threat to enterprises careless with their data. Under the GDPR, financial penalties of up to €100million (approximately £80m) or up to five percent of worldwide turnover, whichever is greater, for organisations that breach its rules. Ipswitch’s survey highlighted some interesting statistics: COMPLIANCE CHALLENGES AHEAD FOR THOSE WHO DON’T KNOW GDPR OR ITS TIMING 56% could not accurately identify what ‘GDPR’ means 52% admitted they were not ready for GDPR 35% confessed to not knowing whether their IT policies and process were up to the job 12% percent of...

Globalscape teams with SMS PASSCODE® to Enhance Customer Security

SMS PASSCODE’s multi-factor authentication platform now integrates with Globalscape’s Enhanced File Transfer (EFT) Server. The importance of stepping up user authentication A username and password are no longer enough to authenticate the identity of employees accessing corporate networks and data. Research indicates that weak or stolen user credentials are the preferred weapons used by cybercriminals, and are behind approximately 76 percent of all network intrusions. Traditional two-factor authentication requires something the user knows (usually a password) and something the user has (like a token, fingerprint or mobile phone). In the past, companies distributed hardware tokens to their employees to help validate their identity when logging in; however, over time, these types of solutions have proved cumbersome and expensive for IT to manage effectively, while offering little convenience for end-users. SMS PASSCODE offers a balance between strong security and high user convenience, with features that include: Leveraging the one thing users always carry with them – their mobile phone – and provides a superior user experience by taking full advantage of contextual information such as time, geo-location, and type of login system being accessed. Intelligent authentication that sees whether users are logging in from trusted locations like home or the office, versus an airport lounge with public Wi-Fi (for example), and conveniently delivers the appropriate level of security for the users. How SMS PASSCODE works with EFT Globalscape EFT includes multi-factor authentication through the SMS PASSCODE platform. On a local or LDAP-authenticated site, the administrator can configure EFT to connect to SMS PASSCODE to deliver a one-time use passcode via text message (SMS), a voice call, through email, or via...

Ipswitch Survey Reveals; Damage to Reputation Seen as Biggest Reason to Comply with Data Protection Laws.

Despite 71% believing UK data protection laws should be stronger, 53% still admit to sending sensitive documents by email and 19% have lost critical documents in transit. A survey by Ipswitch, managed file transfer (MFT) solutions vendor, reveals that fear of reputational damage is the biggest driver for business professionals to comply with data security laws. Yet the majority are still failing to secure the transfer of critical files. The survey, conducted at the end of April 2014, asked 415 business professionals working across the EU about attitudes, practices and technologies relating to data security and protection. The results also show that the UK is seen as having tighter data protection laws than Germany or France. However, the vast majority think the UK’s data protection laws need to be even stricter. Key Conclusions: 31 percent of business professionals say that financial censure is the biggest impetus for complying with data protection or staying in line with ICO guidelines, while nearly half (43 percent) cite fear of reputational damage to their brand as the major reason to fall in line The survey also reveals that over half of respondents (53 percent) admit to sending business sensitive documents over unsecured email, while nearly a fifth (19 percent) also admit to losing critical business documents 64 percent of respondents consider the UK to have the tightest data protection laws, 30 percent name Germany as having the strictest laws, while six percent of respondents say that France has the strictest data protection Almost three-quarters (71 percent) of respondents believe UK data protection laws should be stronger to protect businesses and consumers Over a quarter...

Are Employees Putting Your Company’s Data at Risk?

One of our key vendors, Ipswitch File Transfer conducted a survey of over 200 IT leaders and practitioners with security responsibilities about person-to-person file-sharing practices.  From the results that they gathered, this is what they found… These results should alarm IT and security professionals.  Findings show that employees are circumventing IT staff by sending confidential and highly sensitive company files via means that are insecure and lack auditability. The results serve as a graphic reminder that when company systems hinder employee productivity, it’s both a security risk and bad for business. There’s no way to sugarcoat the results of the survey, the highlights of which you can see in the Infographic below. Click here to register to receive the full research report results and...