PGP argues that having good internal data security procedures in place doesn’t help if third parties who have access to sensitive personal data don’t have similarly stringent methods.
The Eden Project in Cornwall has confirmed that a laptop containing the names, addresses, bank details, national insurance numbers and pay rates of 500 of its employees has been stolen from the car of an employee who of Moorepay Ltd - the company which handles the Eden Project's payroll.Jamie Cowper, European Marketing Director at data encryption expert PGP Corporation, has made the following comments: 'What this particular case highlights is that - as well as putting internal security measures in place - enterprises need to be more cautious regarding third party companies that they share sensitive information such as payroll details with. Without a thorough assessment of the threat status of companies such as Moorepay, existing security policies can easily be rendered useless. Despite the fact that laptop thefts continue to occur, many companies are still ignoring their responsibilities towards stakeholders' personal information. All organisations need to deploy pre-emptive security measures such as encryption to ensure that if a breach does happen, the data is of absolutely no use to the criminals - thus minimising financial and reputational damage. The Eden Project has pledged that personal data will never be put in such a vulnerable position again, which shows they've learnt a valuable lesson about the dangers of entrusting personal information to third party contractors. Hopefully, other companies won't have to go through the same process before taking the decision to protect their data properly.'
|
