Last week I was reading the evening standard while on the train on my way home and my attention was drawn to the story on the recent data theft at Foxtons, the upmarket estate agent chain based around West London. What happened at this company is a classic case of a business not using technology to enforce protection on its intellectual property.

The preference for policy, procedure and discipline to enforce compliance, without using technology to guarantee information security is futile and is clearly not working. If I were a client of Foxton’s and I know that my data can be misused by any employee other than the intended purpose, I will be very worried considering the type of clients it has on its list are mainly high net worth individuals.

If I called Foxtons 1 year ago, it is most likely the company would have said we have all we need to secure our systems. Maybe the way forward is to educate clients to ask questions about the proetection of their personal data before it is handed over.

All the printouts that where recovered from the premises of the former Foxtons employee could have been avoided through the use of enterprise rights management print solutions which are available on the market.

Data leakage prevention solutions can restrict copying data to external media, while a combination of enterprise rights management and data leakage prevention will ensure that data copied to external media can be copied but will be encrypted.

There are many businesses in Foxtons position around the world where data theft or data breach can undermine the confidence that their clients have in the business’ ability to protect its data. The question is what steps are you taken to prevent this from happening?

Reference:
Evening Standard: Foxtons sues gay couple ‘who stole database to poach clients for new agency’