in

This Blog

Syndication

Tags

AlertBoot Endpoint Security

If You Look Up The Words Data Breach In A UK Dictionary, Will You See ‘See Government’?

I.T. contractor EDS has lost a hard drive with sensitive data pertaining to the Ministry of Defence (MOD) in the UK.  It affects 100,000 Armed Forces personnel as well as 3,000 potential recruits (or 600,000 recruits, depending on your point of view).  This is not the first time that EDS has been implicated in an information data breach – especially if it happens to be on UK soil.  It makes one wonder why they’re not doing their utmost to use data protection software like full disk encryption to secure sensitive information.

 

It might be because EDS (and the UK government) believed their security measures to be sufficient.  The hard disk drive in question was supposed to be stored in a secure room with access restricted to personnel who knew the pass codes.  Companies and governments worldwide use similar setups for securing sensitive data, so why expect the world’s second biggest computer company not to use the same?

 

Well, for starters, because these things go missing all the time.  And if your company happens to be so big that it cannot help itself from being implicated every time something goes wrong (my understanding is that EDS is pretty much the information technology contractor for the UK government), well, you may want to start rethinking your current data security measures.

 

From a PR position, however, there may be no incentive for companies to use encryption.  This is because there are still plenty of people out there that do not understand what it means to have data encrypted.  I’ve read plenty of comments complaining about cretins running things (ruining things?) when an organization announces the loss of encrypted digital devices.  This is illogical.  There is no other security measure more robust than strong encryption when it comes to data protection.  But as long as the general populace is not aware or is unwilling to believe this, companies will continue to have an image problem – because, no matter how exacting your standards, something will be lost or stolen at some point and people will focus on that, regardless of whether the actual data is secure.

 

Of course, data security is more than a PR exercise.  This latest data breach is more worrying than others, supposedly, because it contains the names of people “who worked in Northern Ireland or in more recent conflicts,” according to the register.co.uk.  The greater the need to secure data, the greater the rationale to use data encryption solutions like AlertBoot.

 

Related Articles:

http://www.theregister.co.uk/2008/10/10/mod_data_loss/

http://www.timesonline.co.uk/tol/news/uk/article4923066.ece

http://news.zdnet.co.uk/security/0,1000000189,39508658,00.htm?r=1

Published Oct 11 2008, 01:22 AM by sang_lee
Filed under: , , , , , , , , , , , , , , ,
 
<Previous Next>

Deloitte Consulting Loses Computer That Used File Encryption

Using Hard Disk Encryption To Stem The Leading Cause Of Corporate Data Loss

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.