[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 16 March 2006, 09:38 GMT
Firms lax on ID theft safeguards
Gloved hand taking cash from safe, BBC
Identity thieves can work inside companies
Most businesses are not doing enough to secure their networks against identity fraud, a UK government survey says.

Growing numbers of firms are using strong authentication to restrict unauthorised access, according to the Department of Trade and Industry.

But large companies still recorded a small increase in identity-related security breaches during 2005.

The DTI is urging firms to install multi-layered security systems and not to rely entirely on password access.

According to the survey, carried out for the DTI by PriceWaterhouseCoopers (PWC), there was a significant rise in the use of hardware tokens or digital security certificates during 2005.

This was credited with stemming previous increases in identity-related fraud.

However, 80% of companies still rely on passwords alone as a security measure, the report says.

Business motivator

Staff at 18% of large UK firms gained unauthorised access to information during 2005, the report says. Nine per cent of those large firms saw staff misuse restricted information.

Fraud remains rare, the report suggests, but potentially very damaging for businesses, both in financial and prestige terms.

In one incident, a large bank suffered losses totalling several million pounds because of security breaches leading to fraud.

"Identity theft and phishing are on the increase, particularly in financial services and telecoms providers," said Andrew Beard of PriceWaterhouseCoopers.

"It is all the more important therefore that companies adopt an integrated approach to identity and access management.

"At the moment regulatory compliance is the key driver of security expenditure rather than the business opportunities to be derived from it."

PWC interviewed 1,000 respondents for the survey, which will be released in full at the Infosecurity Europe conference in London in April.


SEE ALSO:
Who does the net think you are?
20 Feb 06 |  Technology
ID theft 'costs UK 1.7bn a year'
02 Feb 06 |  UK Politics
Revenue admits theft of staff IDs
15 Dec 05 |  Business
DWP staff hit by tax credit fraud
06 Dec 05 |  Business
Jail for eBay phishing fraudster
01 Nov 05 |  Lancashire


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific