Following the news that the NHS has reportedly lost unencrypted data stored on laptops, Don Smith, VP Engineering & Technology , EMEA, Dell SecureWorks made the following comments.
“The news that the NHS has reportedly lost unencrypted data shows the importance of protecting data and applying basic data protection principles. People at all levels within an organisation need to understand that a data loss or breach will have consequences for them, their employer and of course the individuals whose information has been lost and potentially obtained by those with criminal intent. Personal data is not an abstract commodity and the onus should be on organisations to create the proper culture, policies, processes and procedures for data handling and protection.
“Often, companies wait until they have been the victim of a data loss event before ensuring they are fully protected. However, legislative measure such as PCI DSS, Sarbanes-Oxley and Basell II provide essential legal guidelines for organisations to follow and ensure data assets are protected. It is therefore vital that organisations are fully protected through data loss prevention technology. At the moment there are a variety of techniques that can be employed to help look after data ranging from firewalls, database security, access control, email encryption and additional network segmentation.
“Data loss prevention will only become much more complex, challenging and costly for the public sector as it continues to grow its online offerings. The online and offline worlds of this sector will become increasingly intertwined through remote working, cloud computing and virtualisation and as a result there will be a move towards outsourcing data loss prevention to external firms who have the specialist skill, resource and capacity to monitor systems fully. A holistic view of IT systems will be imperative to ensure organisations have the vision to act on what is facing them at any given time and the vision to plan for the future.”