in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Hard Disk Encryption: Victoria House Children's Centre Data Breach

A staff member at Victoria House Children's Centre in Barnstaple, UK breached protocol (and data security laws) when a USB flashdrive was stolen from her.  Obviously, the use of drive encryption like AlertBoot would have prevented the breach from ever taking place.

Such technological solutions are always preferable over what Action for Children (AFC) -- which runs the center -- was using: guidelines.

"No Legitimate Reason"

According to an AFC spokesperson, the employee had "no legitimate reason for [having] that information."  Furthermore, it was revealed that the employee

...would have known she was in breach of strict company policy, and the Data Protection Act 2008, which states staff are banned from copying people’s sensitive personal data and taking it off the premises.

"We have very clear guidelines in place. She will have been under no illusion, given the nature of our work."  [thisisnorthdevno.co.uk]

Approximately 45 families were affected by the breach -- about two percent of the center's users.

Statistics are not Things That Happen to Other People

Action for Children has been very good at pointing fingers at the employee, and for good reason, too.  But, in defense of the staff member, she wasn't exactly planning on having her handbag stolen (the same handbag that contained the USB drive).

It can try to blame the employee all it wants, but it appears as if it has engaged in very weak security practices.  I mean, where is the encryption software?  Where is the computer port control?  Do they have data leakage prevention software in place, in case employees email themselves sensitive data?

Guidelines and policies are important; however, the past five years (and then some) have shown that these are not enough from a data security standpoint.  Employees are an integral part of a company, and they've got to do their part, but so does the rest of the company by instituting technological safeguards.

Just pointing to usage policies and guidelines when things go awry is the last bastion of those unprepared for a data breach.


Related Articles and Sites:
http://www.thisisnorthdevon.co.uk/Children-8217-s-centre-loses-sensitive-family/story-15177841-detail/story.html

 
<Previous Next>

Disk Encryption Software: UC Berkeley Says Secure Desktop Computers

Data Encryption Software: Avnet Servers Stolen, ICO Looking Into Breach

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.