Protecting personal and client information is a corporate social responsibility, urges Professor John Walker of Secure-Bastion

Companies should look beyond security as a 'tick the box' exercise and consider the wider issues, urged Professor John Walker of cyber security consultant Secure-Bastion.

Simply receiving an all clear from the internal audit department is not sufficient to guarantee that everything is being done to secure customer and personal information, said Walker who was speaking at an International Underwriting Association (IUA) briefing.

Data security is a question of corporate social responsibility, he said. ‘Corporates must take more action and responsibility to deliver and assure adequate security practices are in place.’

He continued: ‘Businesses should act with social responsibility and consider their clients and customers no matter how small.’

Walker asserted that data security policies are not always in the best interests of the general public. Terms and conditions are presented everywhere yet people rarely read them and always seem happy to agree to them, he said.

He referred to employers who have a policy denying their workers the right to privacy, despite the fact that it is recognised by the UN as a human right.

Walker also warned that new social networking phenomena are another extension for people to commit crimes. He referenced those criminals who duplicate bad world practices in Virtual Worlds such as Second Life.

While a great way of communicating the online media can also pose a risk to businesses, advised Walker. He referred to a UK landlord who was fined £119,000 at the High Court for web harassment after admitting responsibility for a seriously defamatory website.