in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Security: California Department of Public Health Has Second Breach

The California Department of Public Health (CDPH) has announced a second major breach.  Approximately 9,000 employees had their information downloaded to a personal hard drive, an unauthorized move by an employee. 

The use of disk encryption software in this case is a moot point, kind of.  Had the employee subsequently lost the hard drive, it would have been an important factor.  However, the disk was not lost.

What is important is that the CDPH incident was discovered by its department's security detection system, once again providing evidence that there are numerous components that come into play when dealing with data security.

What I wanted to comment on, though, is the fact that the CDPH only managed to go public with the case 3 months after they were aware of the data breach.  The reason given?  According to healthleadersmedia.com:

Asked why the breach took three months to announce, CDPH spokesman Al Lundeen said in a telephone interview Friday that the incident required a  lengthy investigation.

Which is quite rich, when you consider what the CDPH has done to medical organizations for not reporting a breach quickly enough despite claiming the same thing.

Sure, you could argue that these were not patients that were affected, but still...  why is sensitive employee information (which includes SSNs in this case) any more important than sensitive patient information?

It appears to me that the CDPH is not playing with a full deck of cards.


Related Articles and Sites:
http://www.infosecurity-us.com/view/18953/california-agency-suffers-second-major-data-breach-in-six-months/
http://www.cdph.ca.gov/Pages/NR11-028.aspx

 
<Previous Next>

Data Security: Allegations That Sony Fired Security Employees Prior To Breaches

India Privacy Bill Allows Health Information Breach Fines Of Rs 1 Lakh And Other Penalties

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.