McAfee issues advice on safe customer data retention after it was revealed that sensitive information that could compromise the security of banking customers was found on a computer bought on eBay
It has been revealed that a computer sold on eBay contained highly sensitive information on American Express, NatWest and Royal Bank of Scotland customers. The latest in a series of data loss blunders was discovered an IT manager from Oxford, who purchased the computer for £35.88 earlier this month.
Information discovered on the computer included names, addresses, mobile phone numbers, bank account numbers, sort codes, credit card numbers, mothers’ maiden names and even signatures.
The banking information had been held by an archiving firm which copies paperwork from some of Britain’s biggest financial organisations, then stores it digitally. A former employee sold the computer without erasing the internal hard drive.
Sal Viveros, security expert at McAfee commented, “This is the latest in a series of recent data loss stories and is shocking because it seems that no attempt was made to erase or hide the data. This follows last week’s revelation that an unprotected USB stick containing the details of 127,000 criminals had been lost, and really highlights the need for organisations to understand the ways that such breaches can occur and to consider how they can negate this problem. In the unfortunate event of a memory stick or computer being stolen or lost, encryption would mean that any sensitive data contained within would not be accessible.”
McAfee offers the following advice to businesses on the importance of implementing a 'Data Loss Prevention' solution:
- Develop, enforce and ensure compliance of a security policy
- Safeguard data at every stage
- Implement access control and monitoring tools
- Monitor and prevent installation and usage of unauthorised applications
- Educate and (re) train employees to understand the role they play in securing data.
|
