Veterans' Data Theft Highlights Need To Secure Data On Laptops
The people handling data, not technology, are the weakest
link in data security.
The theft of a computing device containing the names, social security numbers and birth dates of 26.5 million U.S. veterans and some of their spouses once again brings to the forefront the importance of securing securing data on a storage device or a PC.
But so far, it looks like many end users and their channel partners haven’t taken the steps needed to address the problem.
On Monday, Reuters reported that earlier this month, data on an unspecified computing device was stolen from the residence of an employee of the Department of Veterans Affairs. The employee wasn’t authorized to have that data outside the office, according to the report.
A major problem in such scenarios is that the security of the data--no matter what type of perimeter safeguards are in place--remains vulnerable at its weakest point: the people who handle the data, said Dave Cerniglia, president of Consiliant Technologies, an Irvine, Calif.-based storage vendor.
"In the VA case, it's your own people screwing up," Cerniglia said. "It's always going to be an issue. This is probably a dedicated guy who did a good job all his life who now screws up and will probably lose his job."
That has been the case with several high-profile losses of data in the past year, including insurance or human-resources data stored on laptops that were stolen or tapes were lost after being sent for archiving.
In other headline-grabbing cases, online personal data was stolen from financial firms and other companies whose networks were reportedly secure.
Last year, security breaches at ChoicePoint, LexisNexis, MCI and the Bank of America resulted in stolen account information or social security numbers for about 580,000 customers, according to research firm IDC. Also during the year, missing backup tapes from Bank of America, Ameritrade, Time Warner and Citigroup had the potential of exposing account or social security data of 5.9 million people, IDC said.
Nevertheless, businesses are not flocking to new technology designed to prevent such data loss, Cerniglia said.
"In enterprises, or in specific verticals like financial [services], it becomes an issue," he said. "But customers have other pressing problems that need to be handled. Many projects need to be done. They need to prioritize their bandwidth."
For that reason, Consiliant is eyeing opportunities in this space, according to Cerniglia.
"We're looking at what the vendors are doing, but we're not actively targeting customers yet. Before we jump on the bandwagon, it's more important to listen to what customers need," he said.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.