Lessons to learn from a year of data breaches

In the year since the HMRC data breach, many more have been made public – here’s a roundup of 11 lessons (we should have) learned.

the manager was duly fired

While some might say the manager was made a scapegoat, others clearly hope such disciplinary action becomes more common. Either way, keep watch of those laptops, or risk your career.

Lesson Three: USB drives don't stay in pocketsMemory sticks are great you can transfer data easily and quickly, stick it in your pocket, and then lose it all on a pub floor.

Back in May, the MoD did just that. A USB was discovered on the floor of a Newquay nightclub. The unencrypted stick contained data on military personnel, training exercises, and soldiers' accommodations.

Thankfully, whoever discovered the roving USB did the right thing, and rather than hand it over to terrorists, turned it into responsible authorities a tabloid newspaper.

And just this month, the government lost a memory stick in a pub car park; this time, it held passwords to Government Gateway, a massive online public sector portal.

So while USB drives might seem a cheap and cheerful data transfer tech, they can be costly. Just ask PA Consulting. That firm mislaid a memory stick containing the details of all 84,000 prisoners in England and Wales. For that, the Home Office ended its 1.5 million contract.

Lesson Four: Laptops are easy to stealLaptops and portable hard drives are not only easy to carry around, but relatively pricey equipment. Unsurprisingly, if it's worth stealing and it isn't nailed down, it's going to get stolen.

So don't leave laptops near open windows, in unlocked car boots or anywhere a devious member of the public could spy it and snatch it. The MoD, the NHS and other government agencies can all attest to this, though they don't seem to be learning the lesson very quickly.

A Tooting-based hospital saw six laptops vanish in one incident this year, while two were stolen from a hospital in Brent.

Thieves nicked a laptop belonging to secretary of state for communities and local government Hazel Blears through a smashed window, while a MoD laptop holding details of 600,000 people was stolen from a car.

Laptops aren't the only theft-friendly devices. A few drives containing Royal Air Force personnel data went missing from a military base earlier this year.

And it's not just public sector organisations losing laptops. Associated Newspapers lost one computer containing bank account details.

Lesson Five: Encrypt everythingWith all the roving USB drives, stolen laptops, discs lost in the post, isn't it time encryption became the norm?

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Most Popular

Star Alliance passenger data stolen in SITA data breach
data breaches

Star Alliance passenger data stolen in SITA data breach

5 Mar 2021
I went shopping at Amazon’s till-less supermarket so that you don’t have to

I went shopping at Amazon’s till-less supermarket so that you don’t have to

5 Mar 2021
How to find RAM speed, size and type

How to find RAM speed, size and type

26 Feb 2021