Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Pensions Trust data loss avoidable with encryption

Credant Technologies : 01 June, 2009  (Technical Article)
Not-for-profit organization shoots itself in the foot by not encrypting laptop from which personal details of over 100,000 pensioners were lost
The loss of personal details - including names, addresses, national insurance numbers and salary plus bank data - from The Pensions Trust could have been avoided if the laptop used by the organisation's contractor had used onboard encryption, says Credant Technologies.

'The fact that the Trust is a not-for-profit organisation does not mean that it can bypass any of the stringent IT security safeguards or require similar controls to be implemented by its contracting companies,' said Michael Callahan senior vice president of Credant Technologies, the endpoint data protection specialists.

'Basically the data held on the laptop should have been protected by the highest possible levels of encryption, given the potentially serious consequences that could result from the loss of this type of information,' he added.

According to Callahan, the cost of the hardware - in this case the laptop - stolen in these types of incidents is frequently outweighed by the potential financial consequences of the data loss.

Most companies in this position will have taken out insurance to cover the costs of something like this going wrong with their IT security policies and procedures, but this will be of scant concern for the pension holders - many of whom work in the voluntary sector - whose data has been stolen, he explained.

The irony of the situation is that the data was being used by the contractor company concerned in its staff training, he went on to say.

'It is to be hoped that the firm will now review is procedures on using live data in training situations, and also start beefing up its IT security procedures, including applying a policy of encrypting all private data, whether at rest or in transit,' he said.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo