ICO tells M&S to get encrypted
By Nicole Kobie,
Marks & Spencer (M&S) has been told to encrypt its laptop hard drives by the Information Commissioner's Office (ICO), after the watchdog found the high street retailer in breach of the Data Protection Act following a stolen laptop last year.
The unencrypted laptop, which went missing from an M&S contractor's home in mid-April of last year, held personal pension data on 26,000 of the retailers' employees.
Following an investigation, the ICO has issued the retailer with an Enforcement Notice ordering all laptop hard drives to be encrypted by April 2008. It is a criminal offence if M&S fails to follow the notice, the ICO said.
Mick Gorrill, Assistant Commissioner at the ICO, said: "It is essential that before a company allows personal information to leave its premises on a laptop there are adequate security procedures in place to protect personal information, for example, password protection and encryption."
He added: "Organisations which process personal information must ensure that information is secure - this is an important principle of the Act. If organisations fail to introduce safeguards to protect information they risk losing the trust and confidence of both employees and customers."
According to the notice, the ICO served the retailer with a preliminary notice in July, asking M&S to comply with the act, specifically the seventh section concerning information security. In the notice, the ICO said that M&S said it was willing to take steps to reach compliance, but only if it was not made public - which the commissioner said was "not acceptable". However, the document also shows that the retailer had started the process of encrypting its hard drives by October 2007.
In response, an M&S spokeswoman said the retailer was a bit "bemused" by the situation, and "at a bit of a loss to understand why the ICO has done it".
She said that M&S had been in continual contact with the ICO since the laptop theft, and had made a decision to encrypt its laptops in October. "We're well ahead of the game," the spokeswoman said, adding the retailer is doing everything it can to meet the April deadline.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Networking Analysis & Insight
Bring you own device: the $600 question
Inside the enterprise: A recent Cisco report claims bring your own device is gaining support from IT departments. But how much are staff willing to invest in personal technology?
- Interop 2012: Q&A, Saar Gillai, CTO, HP Networking
- Is BT the key to broadband Britain?
- Tencent: the biggest web company you’ve never heard of
- The truth about spam
- Have ISPs finally lost the DEA fight?
- Are you ready to launch IPv6 securely?
- Broadband, pricing and small businesses
- Welcome to the stay-at-home Olympics
- Q&A: Cisco on servers, storage and strategy
Latest Networking Reviews
HP t410 All-in-One Thin Client review: First look
- Swyx SwyxExpress X20 review
- Ipswitch WhatsUp Gold Premium 15
- ForeScout Technologies CounterACT 6.3.4
- ThinPrint Printer Dashboard review: First Look
- TITUS Aware for Microsoft Outlook review
- Windows Phone 7 Mango review: First Look
- Dartware InterMapper review
- Kemp Technologies LoadMaster 3600 review
- Sangfor WANACC M5500 review
advertisement
Most popular
- IBM bans use of Siri on iPhones
- Apple iPad 3 vs iPad 2 head-to-head review
- Lenovo ThinkPad X1 Carbon Ultrabook review : First look
- Chromebooks: What's gone wrong?
- HP plans massive job cuts
- Google: Government controls are the internet's biggest threat
- Macs and Android under malware threat
- Sony Vaio T13 Ultrabook review: First look
- RIM loses its head of sales
- ARM-based Windows 8 tablets facing delays
PlayRegister for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
