Security breach could have been avoided if IRS had followed basic security measures, says IT Governance

IT Governance has stressed that major corporations are not following basic security measures as a breach at the IRS emerges.

BOISE, IDAHO, USA, March 24, 2014 /EINPresswire.com/ -- IT Governance (the USA’s largest provider of information security, risk management and compliance books, tools, training and consultancy) has stressed that major corporations are not following the simplest of security measures as the story leaks that personal data of 20,000 US Internal Revenue Service (IRS) employees may have been exposed.

IRS Commissioner John Koskinen said that an unencrypted thumb drive containing sensitive information, such as names, Social Security numbers and addresses, had been plugged into an employee’s unsecured home network, potentially making it available over the internet.

Encryption should be applied to all types of portable media that (might) contain personal information and should at least meet the Federal Information Processing Standard Publication 140-2 (FIPS 140-2). This US government standard has been adopted around the world for accrediting cryptographic modules on all sorts of media.

Encrypting portable media is a key area of ISO27001, the global standard describing best practice for an information security management system (ISMS). Other areas include asset management, physical and environmental security, access control, compliance and business continuity management.

By correcting basic security measures and aligning their security procedures to ISO27001, corporations can benefit from an increased level of security, enhanced customer satisfaction, new business and easier compliance with other regulations (e.g. SOX).

A range of pocket guides is available from IT Governance, providing either an introduction to information security for novices or popular hand-outs for all members of staff. Best-sellers include:

E-mail Security: A pocket guide: www.itgovernanceusa.com/shop/p-540.aspx
Ten Rules of Information Security for the Smaller Business: www.itgovernanceusa.com/shop/p-1147.aspx
Information Security Breaches – Avoidance and Treatment based on ISO27001: www.itgovernanceusa.com/shop/p-601.aspx
IT Induction and Information Security Awareness: www.itgovernanceusa.com/shop/p-775.aspx
The True Cost of Information Security Breaches and Cyber Crime: www.itgovernanceusa.com/shop/p-1338.aspx


Visit IT Governance for more information on best information security practices and ISO27001: www.itgovernanceusa.com/infosec.aspx

Melanie Watson
IT Governance
448450701750