It's not hard to find a cowboy in Rochdale, says Cryptzone - after council loses details of 18,000 residents on an insecure USB stick

Göteborg, (PresseBox) - Commenting on revelations that Rochdale council has been censured by the ICO after losing an insecure USB stick that contained the personal details of 18,000 residents, Cryptzone says that the sad fact about the case is that it could so easily have been prevented.

According to Grant Taylor, VP of the IT threat mitigation specialist, controlling data on USB sticks can easily be achieved using a combination of encryption, backed up by enforced security policies to ensure data compliance.

"Using this belt-and-braces approach means you have policy enforcement software allied with a secure USB stick environment where data has to be moved using this type of hardware. You can also allow controlled access to the data on secure remote basis," he said.

"Taking a centralised secure silo approach to data leak prevention is actually the preferable methodology, as it's perfectly possible to have multiple storage systems across different offices, where a large number of employees require access to a constantly updated file database. But whichever security methodology is used, the important thing to realise is that these systems are now easy-to-use and transparent as far as the end user is concerned," he added.

The Cryptzone VP went on to say that the Rochdale council data loss is quite significant as it amounts to 8.7 per cent of the 206,000 population of the city, although with just over 10,000 employees, the council clearly has a large number of staff handling a lot of data on a daily basis.

This does not excuse the loss of an insecure USB stick however - or the fact that the data was outside the control of the council's security envelope - making the incident a double breach of the council's security rules, he explained.

What I find amazing is that the USB stick was used to store the financial accounts of the council, suggesting that residents' names and addresses, along with details of payments to and by the council, says Taylor.

"The only saving grace here is that details of the resident's bank accounts were not stored on the USB stick, as otherwise you would be handing a identity theft kit on an electronic plate to cybercriminals, which, at current rates, would be worth around £12,000 on the cybercriminal carder and allied data exchange forums," he said.

"It saddens me to hear that the investigation by the ICO found that Rochdale council's data protection practices were insufficient and that it failed to make sure that memory sticks provided to staff were encrypted. The council also reportedly failed to provide employees with proper data protection training," he added.

"This is all about manager and user education, so it's clear that we, as an IT security industry, need to redouble our efforts on the security education front."

For more on Cryptzone: www.cryptzone.com

For more on the data Cowboy in Rochdale USN stick saga: http://bit.ly/rH2Gat

Press releases you might also be interested in

Weitere Informationen zum Thema "Hardware":

Was sind (KI-)Akzeleratoren?

Un­ter Ak­ze­le­ra­to­ren ver­steht man „Tur­bo-Pro­zes­so­ren“, haupt­säch­lich im Be­reich von KI-An­wen­dun­gen, die spe­zi­fi­sche Auf­ga­ben wie zum Bei­spiel Mus­ter­er­ken­nung, Ana­ly­se un­struk­tu­rier­ter Da­ten, Mon­te-Car­lo-Si­mu­la­tio­nen, St­rea­ming-Auf­ga­ben oder den Auf­bau neu­ro­na­ler Net­ze über­neh­men.

Weiterlesen

Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.


I want to subscribe to the gratis press mail and have read and accepted the conditions.