Lessons to learn from a year of data breaches

In the year since the HMRC data breach, many more have been made public – here’s a roundup of 11 lessons (we should have) learned.

the manager was duly fired

While some might say the manager was made a scapegoat, others clearly hope such disciplinary action becomes more common. Either way, keep watch of those laptops, or risk your career.

Lesson Three: USB drives don't stay in pocketsMemory sticks are great you can transfer data easily and quickly, stick it in your pocket, and then lose it all on a pub floor.

Back in May, the MoD did just that. A USB was discovered on the floor of a Newquay nightclub. The unencrypted stick contained data on military personnel, training exercises, and soldiers' accommodations.

Advertisement - Article continues below
Advertisement - Article continues below

Thankfully, whoever discovered the roving USB did the right thing, and rather than hand it over to terrorists, turned it into responsible authorities a tabloid newspaper.

And just this month, the government lost a memory stick in a pub car park; this time, it held passwords to Government Gateway, a massive online public sector portal.

So while USB drives might seem a cheap and cheerful data transfer tech, they can be costly. Just ask PA Consulting. That firm mislaid a memory stick containing the details of all 84,000 prisoners in England and Wales. For that, the Home Office ended its 1.5 million contract.

Lesson Four: Laptops are easy to stealLaptops and portable hard drives are not only easy to carry around, but relatively pricey equipment. Unsurprisingly, if it's worth stealing and it isn't nailed down, it's going to get stolen.

So don't leave laptops near open windows, in unlocked car boots or anywhere a devious member of the public could spy it and snatch it. The MoD, the NHS and other government agencies can all attest to this, though they don't seem to be learning the lesson very quickly.

A Tooting-based hospital saw six laptops vanish in one incident this year, while two were stolen from a hospital in Brent.

Advertisement - Article continues below

Thieves nicked a laptop belonging to secretary of state for communities and local government Hazel Blears through a smashed window, while a MoD laptop holding details of 600,000 people was stolen from a car.

Laptops aren't the only theft-friendly devices. A few drives containing Royal Air Force personnel data went missing from a military base earlier this year.

And it's not just public sector organisations losing laptops. Associated Newspapers lost one computer containing bank account details.

Lesson Five: Encrypt everythingWith all the roving USB drives, stolen laptops, discs lost in the post, isn't it time encryption became the norm?

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now

Most Popular

public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
web browser

Microsoft developer declares it's time to ditch IE for Edge

23 Jan 2020