14 DAY TRIAL // November and December came with a worrying high number of data losses that makes the security experts, from all around the world, give advises for a better and more powerful computer protection. Following the recent two major UK data leaks, concerning the HMRC and the DWP, Calum Macleod, European Director with Cyber-Ark, came out and urged the companies and departments from all over the world to encrypt the information stored on the computers and protect the data, by using better technologies.
"Coming so soon after the HMRC CD-ROM Fiasco, this highlights several errors of procedure within a number of government departments. It also highlights the need for all organizations, whether public or private sector, to control who has access to their data encrypt their company and client databases," Calum Macleod said, according to PublicTechnology.net.
"There are several significant errors of procedure here. Access to the data should only be possible with the permission of senior internal staff, the disks should have been encrypted, and should not have left the office without audit logging systems being applied, and should have been retrieved by the agency following the contractor's departure," he added.
The HMRC data loss was caused by an employee, who sent two CDs containing private information of about 25 million people to another department. The discs have never arrived at the destination, so both residents and officials are worried that they could fall into criminal hands. A few days ago, a new report came out disclosing another potential data loss. This time, an ex-employee of the Department for Work and Pensions took two CDs containing claimants' details at home and she forgot (shocking!) to return them. At least, this is what she said.
"It's unlikely that anybody's head will roll for this second CD-ROM database fiasco, but until such time as the public sector and the government invest in the technology that is readily available to avoid these repeated breaches of the data protection act they should put their national ID scheme on ice. Who knows what else is out there in the public domain," the Cyber-Ark official continued, according to the same source mentioned above.