IT Confidential: A Checklist For Protecting Personal Data
The incidents involving the loss of sensitive personal data are getting laughable; here's a list of dos and don'ts that your organization needs to keep in mind.
When will it end? Apparently, not until we learn the lessons of data protection. I'm referring to the continuing incidents of personal data loss: hacked data, stolen data, pretexted data, data thrown away in Dumpsters, data that falls off the back of delivery trucks, and data inadvertently--or advertently--published on Web sites where everyone and his brother can find it.
These incidents are becoming laughably commonplace, and the most recent is a real howler. On June 10, along with a $200 radar detector, a "computer backup device" was stolen out of the car of a college intern working for a state agency in Ohio. In a press release June 15, Gov. Ted Strickland said the device contained 338,634 files in 24,333 folders, which included the names and Social Security numbers of all 64,467 people employed by the state. The device also was found to contain electronic funds transfer data for school districts and local governments, as well as data on state welfare recipients and on people who hadn't cashed tax-refund or lottery checks.
I've put together the most salient lessons to be learned from this incident, and I've organized them as a checklist; feel free to tear out this page of the magazine, or print the list from the Web site, and post it prominently in your organization.
One last point. Gov. Strickland hired a local computer security company called Interhack to make recommendations regarding encryption and other policies. Is it really wise to hire a security company with the word "hack" in its name? I don't know, I'm just asking.
Is it really wise to tick off a computer security company? It's just a joke, guys, don't take it personally. Send me an industry tip or I'll take it personally, to email@example.com, or phone 516-562-5326.
To discuss this column with other readers, please visit John Soat's forum.
To find out more about John Soat, please visit his page.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.