Hacking personal details biggest threat to doing business on the web

Dubai: Justin Doo knows what it's like to have your personal data stolen.

Doo, the managing director for TrendMicro MENA, a company that specialises in internet security, recently received a phone call from someone soliciting for a bank. He quickly realised that the caller had all his personal data, including passport number, mobile number, and his wife's information, too.

It turned out that a former bank employee had walked off with a spreadsheet containing customer information, including Doo's. That information eventually ended up in the hands of a competing bank.

Doo's story is a prime example of the type of crime that is fueling an industry. This year's Gitex hosted many companies, including Xerox, Blue Coat, SonicWall, and Symantec, who are selling solutions for data security.

"The big issue for corporations in the value of data," Doo said, adding that companies are worried about data leakage, such as employees walking off with customer information, and compromised entryways into their computer networks.

Vulnerabilities in IT sectors have caused problems for both companies and governments over the past few years.

An estimated 11 million customers of the UK's Nationwide Building Society were recently told that they may have been exposed to fraud after an employee's laptop was stolen in a domestic burglary three months ago.

Personal data of 26.5 million US Veterans was on a laptop taken from the home of a US Department of Veterans Affairs employee.

No statistics are readily available for just how much money is lost each year due to security breaches, but Doo estimates that in the case of Nationwide, one lost laptop may cost the company 25 million pounds.

"Banks not only have to worry about the loss of their share value following such crimes, but they have to worry about the loss of brand value," Doo said. "And brand value takes a long time to recover."

This type of crime is forcing companies to develop compliant solutions, or computers systems that actually enforce the company's security policies.

Craig Stewart, a senior vice president for world-wide sales for Blue Coat, a California-based security software company, said that companies are having to set up policies and accompany systems that keep tract of what is happening on there networks.

"Companies have to documents what they are doing, they have to audit themselves, and then they have to break there own procedures to see what happens and then document that," he said.

Ruth Bowen heads a team of specialists for Symantec that deal with compliant solutions. Companies that maintain compliance are seen as good to do business with, instead of the reverse, she said.