Archive for the ‘Financial’ Category

Learning from Morgan Stanley’s Data Breach

Wednesday, July 13th, 2011

“Morgan Stanley Admits to Loss of Unencrypted CDs” reads the latest data breach headline in SC Magazine. I can’t help but shake my head, as this could have been easily avoided. The lost information contained 34,000 client account and social security numbers, among other confidential data. The CDs were delivered intact to the mail room of the New York State department of taxation and finance and disappeared somewhere between there and the intended recipient’s hands.

IT departments worry about data security and do their best to put systems in place to prevent this kind of data breach. So how does it happen? Some of the biggest risks come from employees who work around an IT-mandated solution. In this case, it looks like there was a file too large for the email restrictions of Morgan Stanley’s system, the recipient’s system, or both. For the employee who opted to mail the unencrypted CD, the magnitude of the potential loss and the risk involved may never have crossed their mind, or may have taken a back seat to Getting the Job Done.

You, as an IT professional, can easily save the day and provide a way for your users to share information and collaborate securely.

In addition to banning CDs, thumb drives, free Dropbox-type applications, FTP or USB sticks, implementing secure file sharing technology such as Accellion’s helps enterprises securely share files in a way that can be seamless to employees and their intended recipients. With Accellion, you can track and manage who has sent and downloaded what file, where, and via what device.

Since Accellion supports any file format and size, I suspect Morgan Stanley’s CDs were used to transfer files an Accellion user would’ve been able to send easily. With Accellion, shared files are stored securely on a server, so issues with the recipients’ email storage limits are also bypassed, and the file is encrypted in transit and at rest.

Some of the world’s leading financial services organizations use Accellion to protect their sensitive data, including: AEW Capital Management, American Capital, Australian Unity, Bank of Scotland, Bank of Spain-Miami (Banco Santander), Cigna WorldWide Insurance Company, Covenant Bank, Deloitte & Touche CA, Georgia Bank and Trust, Farmers Insurance Group, Federal Credit Union, HealthMarkets, IMA Financial Group, Inc., KPMG, MIB Solutions, PFS Global Ltd., Princeton Financial Systems, United Community Bank, ViewPoint Bank and Xpress Holding, to name a few.

Financial services firms need to protect their sensitive data in a way that’s easy-to-use for employees and easy-to-manage for IT staff.  Accellion solutions can help.

It’s Not Personal – It’s Business

Monday, March 7th, 2011

Employees at Wells Fargo really shouldn’t take it personally that their CIO, Wayne Mekjian, won’t let them use personal devices to access the corporate network – it’s just business. In today’s Network World article entitled “Wells Fargo says no to personal smartphones and tablets, period,” it’s obvious Wayne is serious about financial data security and responsibility. And who’s to blame him? After the financial scandals and meltdown of the past few years, CIOs in the financial industry should be on red alert to avoid embarrassing data breaches. You have to applaud Wayne for taking a stand for information security.

It’s not like Wayne won’t let his folks use smartphones and tablets – he just wants them to be Wells Fargo-issued. So who’s complaining? Provisioning employees with the necessary tools to be efficient and productive, whether that be devices or software, seems a reasonable responsibility for any organization, as long as the organization isn’t too restrictive in its provisioning.

We continue to be amazed at how many organizations still fail to provision their users with the ability to securely share information across organizational boundaries. Legal documents, contracts, product designs, software under development, medical records, marketing campaigns, sales data, financial results, and board communications are routinely shared with people outside the corporate network, and all potentially contain sensitive IP and confidential personal information. Yet many enterprise users are not provisioned with an approved method for sharing files securely. The use of personal file sharing accounts is an unfortunate but common workaround. If ever there was a security hole to plug, the file sharing hole is one to plug, and fast.

So, Wayne Mekjian, thanks for taking a stand for security. You are our Accellion CIO hero of the week.