Another Day, Another Data Breach At A Government Facility: US Department of Veteran Affairs Missing (Even More) Computers.

Hot on the trail of the UK Government’s misplacement of two CDs with sensitive information on nearly half of all Britannia, there’s a small story concerning the Veteran Affairs office in the US.  Three PCs, two of them desktop machines and one of them a laptop, are missing from a medical facility in Indiana.  The theft took place, of all things, over Veterans’ Day weekend, so it actually preceded the brouhaha that’s rising to a crescendo on the other side of the pond.

 

Some of the details vary, but this much is certain: Of the three computers stolen, one of them had the confidential records of 12,000 patients.  The contents were not encrypted, but they were password-protected (again, meaningless in terms of security; not so much in terms of PR).  Some say that the machines were stolen from an insecure location; however, the press release from the VA state that the computers were stolen from locked offices.  As well they should have been; otherwise, the VA hospital would in violation of several HIPAA requirements, and setting themselves up for major headaches.  Other than what they currently have, that is.  Contacting any number of patients, be it twelve thousand or twenty-five million, can never be a cheap or easy process.

 

CDs, laptops, desktops…it just goes on to show that the medium in which the information is contained does not matter.  Unless things are bolted down, anything expensive enough will be stolen, assuming someone can lift it.  Heck, sometimes the fact that it’s bolted to the floor doesn’t matter at all.  Do a search for the words “ATM,” “stolen,” and “truck” in Google and you’ll see quite a number of instances where those heavy machines with their delicious, crisp bills are yanked away.  You might even be able to pull up a video.

 

It’s unfortunate, but these are the times we live in.  Old timers may wistfully reminisce of the times when there was no crime in their neighborhood, and were able to keep their doors unlocked all day long; however, this illusion of safety is just that, an illusion.  The word burglar and thief, quite obviously, are not recent concoctions by the guys over at Oxford and Webster’s; they existed well before the 20th Century.  (Hammurabi had some laws regarding theft, if I’m not wrong.)  In Cold Blood was based on real incidents in 1959.  The past wasn’t much safer; slower and local is what it was.  People couldn’t travel far easily, cheaply, and rapidly.  Events in Kansas couldn’t affect people in New York, unless it became a literary sensation.  And even then, it took time for a man to compile the information, conduct interviews, and have the publisher print the books and distribute them before anyone was really aware.  Local.  Slow.

 

Likewise, in the business world, things were slow and local as well up until the late 1980s, early 1990s.  That’s when the US companies really started to look overseas to find growth.  (Incidentally, that’s also when executives began to see foreign posts as a ladder towards something bigger, as opposed to being flung far away where they couldn’t do any damage to the real guts of the business, i.e., US-centric operations.)  The Internet came along; things got miniaturized and faster; and people still acted as if they lived in the 1950s while inside the digital world—they didn’t lock their digital doors; heck, they probably didn’t know whether they had digital doors to begin with.  Is it any wonder that we’ve got cybercriminals running rampant, commanding (illegal) revenues that rival a Fortune 100 company?

 

It’s time for people to wake up to the fact that having locks and doors are, as Martha Stewart puts it, a good thing.  We have them on actual doors; it’s time to put them on the doors to our digital assets as well.  Passwords?  They’re like a screen door: Easily penetrable.  Plus, it allows those who are interested enough to peek through.  What you want in terms of security is encryption.  These are the double doors made of heavy oak.  This way, if your laptop or computer is stolen, you know that your data is safe.  With services such as AlertBoot, you can even extend this protection to your Smartphones as well.

 

The continuing high-profile cases of governments and businesses being compromised by hackers and other criminals have brought digital security to the forefront of the general public.  It was high time that people started talking about this.  At the same time, it’s something of a disservice because people think it’s the incompetence of the government or the cost-cutting greed of businesses that is allowing all of this criminal activity to happen.  And my own personal bias is that, yes, it is.  But it’s also just people in general not being aware that they’re bound to become a statistic, much sooner than later.  Like some tourists arriving at JFK being robbed blind.  Or wearing a Yankee’s hat at Fenway.   Or eating a bunch of that bright, green stuff at the sushi place.  I tell people it’s horseradish, but people don’t know what horseradish is.  Until they’ve eaten a scoop of it, that is.  That’s when they know horseradish is not some exotic BaskinRobins flavor.  Likewise, it seems those who are bitten by cyber crimes are the ones who’ve taken to heart that information security is a necessary and preventive measure.  I can only hope that the general population also accepts this view in time without falling victim to the times, just like they don’t think twice about locking their doors.



Comments (0)


Let us know what you think