Local government and public sector failing to protect sensitive data, says exec

CEO of email security firm ZIVVER, Rick Goud, says local government and public sector are more vulnerable to data leaks than the enterprise

Posted 1 July 2020 by Christine Horton

Local government and public sector are exposing themselves to higher risk of data leaks than their enterprise counterparts.

That’s according to Rick Goud, CEO & founder of email security firm ZIVVER, who is urging organisations to do more to secure sensitive data.

Local government and the public sector “have the most sensitive data, usually don’t have the tools to prevent data leaks, and rely heavily on email for communication, internally and externally,” said Goud. “They are also faced with accelerated digital communication requirements due to COVID-19.”

Rick Goud CEO & Founder ZIVVER

Additionally, Goud said the use of shadow IT in this sector is higher than in enterprise. “This is because in local government there is usually more legacy technology than in enterprises. This makes their systems less flexible and less user friendly, forcing people to sometimes defer to their personal email or Dropbox.

“With the recent rise in remote working, this scenario must have been amplified. Digital communication has been the only option to replace existing communication techniques including face-to-face, letters, couriers or fax. But, in many cases, it has not been possible to roll out the necessary IT/digital communication infrastructures – ones which can handle the required workload.”

Employee error

Goud said ICO reports, and similar regulatory reports from other countries, validate this view. They “report that most data leaks occur in the public sector, healthcare, and (local) government while workers are sharing sensitive information.”

“The biggest challenge nowadays is preventing data leaks; making sure that only authorised people have access to sensitive data, whether its privacy sensitive, business sensitive or politically sensitive.

“While most people still fear hackers/phishers the most, the ICO’s reports on data leaks – as well as reports from other European countries – show that more than 75 percent of all data leaks are caused by employees making mistakes. Most data leaks are caused by misaddressed emails or letters, for example, or sending the wrong information (e.g. containing unintended sensitive information), not using BCC and not complying with company standards. So, the biggest challenge is employee behaviour.”

Going Dutch

Goud established Netherlands-based ZIVVER after working in the healthcare sector. There he saw employees using consumer apps like Dropbox WhatsApp to share sensitive information in the absence of a ‘secure and user-friendly’ enterprise alternative.

Dutch municipal governments now using the secure email platform include Hof van Twente and Municipality Epe, which opted for a ‘belt-and-braces’ secure email and file transfer solution. This protects citizens’ data before, during and after sending. It is also enabled through familiar Outlook or Gmail toolbars, which aims to stop workers from using free applications such as Dropbox to share large files.

“It is important to note that implementing a comprehensive secure outbound email solution should not be looked at from a cost perspective, but from a business case perspective,” said Goud.

“Besides preventing the risks of data leaks, which can save a lot of money, IBM recently reported the average cost of a data leak is over £3million. Secure email can help digitise letters, replace fax, replace couriers, improve employee productivity, and facilitate archiving and workflow enablement. All of these things contribute to a very good return on investment.”