Laptop Data Loss Blunder

Laptop Data Loss Blunder

 Yet again large organisations (that should know better) fail to do the basics when it comes to protecting their own and - more importantly - our own private data. A quick scan of the web quickly reveals a list of embarrassing 'lost data' events (click on the links to go directly to the article):

Last year the Financial Services Authority fined the Nationwide Building Society £980,000 for a security breach, after a laptop containing customer data was stolen from an employee's home

A Leicestershire council is investigating a report that a computer containing taxpayers' personal details was sold on auction website eBay.

An investigation is being launched after a computer holding a million high street bank customers' personal details was sold on an internet auction site. The computer was reportedly sold on eBay for £35 - but the hard drive contained sensitive data on Royal Bank of Scotland and Natwest customers.

When financial data goes missing Personal financial details were listed on the hard disc of a computer reportedly sold on the auction website eBay.

Extent of data losses is revealed Sensitive data potentially affecting more than four million people was lost by government departments in the year to April, BBC analysis has found.

More firms 'admit disc failings' Several firms have admitted security failings in the wake of the loss of two discs containing 25 million people's details, MPs have been told.

HSBC bank admits losing personal data on 370,000 customers in post.

Jack Straw has ordered an inquiry into the loss of a computer hard drive containing the details of up to 5,000 employees of the justice system.

Data loss firm contract axed: a company which lost the details of thousands of criminals held on a computer memory stick has had its £1.5m contract terminated after an inquiry.

Personnel records stolen from MoD: The Ministry of Defence (MoD) is investigating the theft of computer files holding the records of thousands of serving and former RAF staff.

A handheld computer containing secret intelligence documents about terrorism has been stolen through the open window of an MI5 hideout, in a fresh data embarrassment.

Council in personal data loss blunder

In one sense, each of these in isolation could be 'understood' insomuch as mistakes happen - people are only human after all. But the point is that systems and procedures are precisely there to mitigate the consequences of such errors.

Take a lost laptop for example - it is very easy to automatically encrypt confidential data on a laptop - for this to be done efficiently, even over 1000's of machines - and for the data to be deleted or otherwise protected if a machine is compromised.

Partly blowing our own trumpet here I know - but we could have a 1000 laptops encrypted with a managed service within 24-hours. Pre-set or on-demand rules and triggers can be 'pushed' to machines with little effort or delay. So when (stress when) a machine is next left on the train containing my bank account details (think any confidential private, customer or own business data), the data will be inaccessible to whomever find or steals it. It's really quite simple.

As for data kept on a USB stick - I heard a statistic the other day at a conference (sorry, I cannot reveal the source) that twice as many USB sticks are lost by travelers each month, compared to the number of laptops lost - so perhaps backing up data to a USB stick has limited value...  

Share this post

Join our cloud community

Join our cloud community Sign up for email updates