London, United Kingdom, 8th of December 2006

Orthus Limited, a leading independent information security services provider, today announced the launch of a new service to help clients identify holes in their security programs. The service includes a comprehensive analysis of existing information technology systems in addition to a detailed review of established physical, technical and procedural security programs to identify gaps that would allow sensitive data and intellectual property (IP) leakage from the enterprise.

Despite recent heightened awareness, serious data breaches continue to occur due to poor end-point control and underestimating the threat from the “insider”. The result has been significant losses of sensitive – and often regulated - information and increases in financial fraud and theft. System security typically consists of a series of point products that are lacking in integration. Technical and physical controls rarely match procedural security programs leaving insiders, often with little technical knowledge, opportunities to easily circumvent policies and remove sensitive information from enterprises today.

The new Orthus Data Leakage Survey service addresses this problem by auditing all aspects of the businesses security countermeasures from a user’s perspective to identify breaches in the defences. The survey includes a review of physical security (badging, guard programs, bag screening), technical security (CCTV, biometrics, card access controls), and information technology (user identity and access management, hardware and device control, file folder and share access, content control, and application access). The service focuses on how the user interacts with sensitive company data and looks for ways they could remove it. The service has been extremely successful for clients looking to lock down call centres, design departments or financial trading floors.

The results of the survey were surprising considering the amount of media attention recently given to the issue of mobile telephone security (e.g. Paris Hilton) and indicate that users continue to neglect the security issues associated with their mobile telephones and PDAs.

“It’s about the user”, say Orthus Managing Director Richard Hollis. “Companies have historically spent money on security products to protect other infrastructure products and have totally neglected to address protecting data, and limiting how the user is able to interact with that data.”