A worker for Blackpool Coastal Housing (UK) was fired after taking confidential information home. As far as I can tell, there was no criminal threat or intent. In fact, it sounds like any of the thousands of incidents where employees take information home just so they can work in a non-office environment. But then again, it’s because of such instances that the use of disk encryption software like AlertBoot has become important.
According to the blackpoolgazette.co.uk, Blackpool Coastal Housing (BCH) alerted 80 tenants of a data breach. A worker, who has been let go, copied their information to a USB memory stick and transferred the data to her home computer.
It was not reported whether the data was stolen or further copied (in fact, the implication seems to be that the information was not stolen), but it was pointed out that the worker’s home computer was accessible by “other people.” It was not detailed whether that means flatmates, family members, or passersby.
In essence, it looks like the worker got canned because she didn’t have the authorization to take the information beyond work premises. That might sound harsh, especially considering that nothing untoward has happened. However, it’s seemingly innocuous actions such as these that eventually lead to a data breach. If such actions are taking place by the thousands, the odds of a breach occurring increase dramatically.
Data Encryption Important. User Behavior Even More Important
Encryption software is frequently offered as a solution to data breaches. Like all solutions out there, though, there are limits to its effectiveness. Anyone worth their salt in the security sphere will not claim that encryption doesn’t work; the same people often point out that this doesn’t mean that encryption will work all the time.
For example, strong encryption like AES-256 is virtually impossible to break. However, if the password for accessing encrypted contents is leaked on the internet, debating the security provided by AES is a practice in futility. As noted above, encryption works, but not all the time…
Also, consider this: disk encryption protects the contents of that disk only. So, if a file is copied off of one computer disk to another (such as a transfer of files from an encrypted USB memory stick to a laptop computer), the recipient computer will hold an unencrypted copy of the file.
Technological solutions aimed at data protection abound but one of the best and most important solutions at preventing data breaches is still human behavior.
Related Articles and Sites: