The biggest risk to information security is the legitimate, authorised, internal user, who is considered to be trusted and has authorised access to the system and the data contained within. Increasingly, we are living within a society where the need to share information rapidly is sometimes considered more important than the need to enforce and manage access to that information. This means that authorised, trusted and legitimate internal users can often gain access to data, including potentially highly sensitive information, which they do not need to carry out their duties.
A recent example, reported on the BBC News website, involved a Police Community Support Officer (PCSO) using a confidential police database to access records of potential romantic partners. The PCSO pleaded guilty to 11 counts of obtaining information illegally and was fined £1,100 by Magistrates in North Tyneside.
What can Regency IT Consulting do to help?
Regency IT Consulting have the experience and expertise to provide advice and to tailor a protective monitoring solution that precisely fits your needs. By working very closely with the client we ensure that our Protective Monitoring managed service, ‘Regency Protect’, is professional, efficient and meets all of the client’s requirements.
There are many challenges to consider when implementing protective monitoring – one size does not fit all. In many organisations the technical knowledge and expertise needed to implement complex monitoring solutions either does not exist or is already fully engaged on other work. The use of Regency Protect bridges this gap and provides a service that fulfils applicable regulatory or policy requirements with minimal business effort. Utilising Regency Protect enables the internal resources of a business to concentrate on providing products that enhance and add value to the organisation, whilst ensuring that protective monitoring is being conducted professionally, effectively and efficiently.
Properly managed protective monitoring enables the detection and prevention of both authorised and unauthorised access to data within a system. A well run protective monitoring solution can provide significant benefits for the functionality and efficiency of the monitored system, including situational awareness of system-wide activity and verification of implemented changes. In short, protective monitoring helps to ensure the confidentiality and integrity of your data.
Information gathered by protective monitoring can also be crucial when there is a need to respond to and manage a security incident on your system, or to carry out a damage assessment. Well managed protective monitoring logs can provide objective evidence regarding where and when specific records were accessed – and by whom. Most importantly, protective monitoring acts as an effective deterrent by ensuring that users who might be considering attacking or misusing a system are aware that their activities on the system are monitored, recorded and traceable.
For more information on our services, please visit us at www-test.regencyitc.co.uk or call 01242 225 699.