Sunday, January 21, 2007
Statement From Scott & Scott LLP In Response To MoneyGram Data Breach
Statement From Scott & Scott LLP In Response To MoneyGram Data Breach
DALLAS-(Business Wire)-January 16, 2007 - "It was recently disclosed that the personal data of approximately 79,000 MoneyGram(R) customers may have been compromised as a result of a data security breach. In response, legal and technology services firm Scott & Scott wishes to remind businesses that there is no such thing as a completely secure network. Every enterprise with electronic data is at risk of a data security breach, largely as a result of several factors:
— Mobile Devices: The dramatic increase in the use of laptops and personal digital assistants puts enterprises at significant risk of a security breach, because the equipment is often lost or stolen
— Employees: One-third of all employees steal from their employers; included in this statistic is the theft of corporate information
— FTP (File Transfer Protocol): While FTP sites offer convenient remote access to files, they also provide the most direct route into a server. Carelessness can disable an entire network in seconds
— E-mail: 75-95% of all corporate e-mail traffic is dangerous. Any employee who opens a personal e-mail at work can download a virus, leaving the network highly vulnerable to data security breaches
Scott & Scott recommends that companies equip every device containing confidential information with desktop security protection, including proper authentication and encryption technology. Further, encrypting data eliminates the need in many states for enterprises to alert their customers in the event of a data security breach. These steps significantly reduce the risk of potentially catastrophic business implications that are associated with legally required breach notifications.
This incident also highlights the need for companies to investigate and consider purchasing insurance to cover the strong potential for a security breach. Many forward-looking insurance providers have filled the void for network security insurance coverage of a variety of types, including inside job coverage, service provider coverage, employee claimant coverage, regulatory coverage and third-party handling coverage.
Even the few businesses that have implemented the most aggressive encryption, firewall and authentication technologies are well advised to consider obtaining data security and privacy insurance coverage in order to mitigate the financial risks of a network security breach. Those that are less prepared should strongly consider it."
Editor's Note: Julie Machal-Fulks is an expert in IT compliance management and focuses her practice on IT asset management, network security, and privacy. Julie graduated with honors from Texas A&M - Corpus Christi, earning a B.A. in English. She received her law degree from The University of Houston Law Center where she was inducted into the Order of the Barristers. Julie's article, "Privacy, Network Security, and the Law," was recently published in the IT Compliance Journal.
Scott & Scott (www.scottandscottllp.com) is a leading law and technology services firm dedicated to helping senior executives prepare for, mitigate the risks of and respond to network security breaches. Scott & Scott's legal and technology professionals provide network security and privacy solutions, all protected by attorney-client and work-product privileges.
DALLAS-(Business Wire)-January 16, 2007 - "It was recently disclosed that the personal data of approximately 79,000 MoneyGram(R) customers may have been compromised as a result of a data security breach. In response, legal and technology services firm Scott & Scott wishes to remind businesses that there is no such thing as a completely secure network. Every enterprise with electronic data is at risk of a data security breach, largely as a result of several factors:
— Mobile Devices: The dramatic increase in the use of laptops and personal digital assistants puts enterprises at significant risk of a security breach, because the equipment is often lost or stolen
— Employees: One-third of all employees steal from their employers; included in this statistic is the theft of corporate information
— FTP (File Transfer Protocol): While FTP sites offer convenient remote access to files, they also provide the most direct route into a server. Carelessness can disable an entire network in seconds
— E-mail: 75-95% of all corporate e-mail traffic is dangerous. Any employee who opens a personal e-mail at work can download a virus, leaving the network highly vulnerable to data security breaches
Scott & Scott recommends that companies equip every device containing confidential information with desktop security protection, including proper authentication and encryption technology. Further, encrypting data eliminates the need in many states for enterprises to alert their customers in the event of a data security breach. These steps significantly reduce the risk of potentially catastrophic business implications that are associated with legally required breach notifications.
This incident also highlights the need for companies to investigate and consider purchasing insurance to cover the strong potential for a security breach. Many forward-looking insurance providers have filled the void for network security insurance coverage of a variety of types, including inside job coverage, service provider coverage, employee claimant coverage, regulatory coverage and third-party handling coverage.
Even the few businesses that have implemented the most aggressive encryption, firewall and authentication technologies are well advised to consider obtaining data security and privacy insurance coverage in order to mitigate the financial risks of a network security breach. Those that are less prepared should strongly consider it."
Editor's Note: Julie Machal-Fulks is an expert in IT compliance management and focuses her practice on IT asset management, network security, and privacy. Julie graduated with honors from Texas A&M - Corpus Christi, earning a B.A. in English. She received her law degree from The University of Houston Law Center where she was inducted into the Order of the Barristers. Julie's article, "Privacy, Network Security, and the Law," was recently published in the IT Compliance Journal.
Scott & Scott (www.scottandscottllp.com) is a leading law and technology services firm dedicated to helping senior executives prepare for, mitigate the risks of and respond to network security breaches. Scott & Scott's legal and technology professionals provide network security and privacy solutions, all protected by attorney-client and work-product privileges.
Labels: Scott and Scott LLP
