Posted on February 8, 2011 by Josh Arrington
The UK Information Commissioner’s Office has today issued two local government councils with fines for breaches of the Data Protection Act. The two bodies were fined £80k / $128k and £70k / $113k respectively after two unencrypted laptops, containing the details of around 1,700 individuals, were stolen from the home of an employee working on the joint out of hours service for both councils.
What’s particularly interesting in this case is that one of the council’s actually had a policy in place requiring all data to be encrypted – something which they’d evidently failed to roll out organisation-wide.
Given both councils chose to ignore the warning signs, it’s quite clear that more needs to be done to ensure that organisations take data protection more seriously. As we’ve seen in the US with Senate Bill 1386, fines certainly act as a wake-up call to those involved, but education is absolutely essential if staff are to understand the pitfalls that can ensue from poor data protection policies.
With four fines already under its belt, the UK ICO seems set to make its point – issuing a warning only last week to local councils threatening prosecution for failure to implement proper data control procedures. Unfortunately we’re still seeing the fallout from organisations that are simply not succeeding in protecting valuable data, so it remains to be seen whether such warnings will be taken seriously. If not, and lessons are to be learned the hard way, at least we can be sure the powers that be will not be turning a blind eye.
Posted on May 24, 2013
Grossly Underestimating the Privileged Account Security Problem Part 3: Automating Privileged Account Management and Cyber-Ark DNA™ (Discovery & Audit)
Posted on May 16, 2013
Grossly Underestimating the Privileged Account Security Problem Part 2: Defining Privilege with Cyber-Ark CMO, John Worrall
Posted on May 9, 2013
Posted on May 8, 2013
Posted on May 6, 2013
Posted on May 3, 2013
AP Hack & Social Media Accounts – Another Great Example of the Danger of Shared, “Privileged” Accounts
Posted on April 25, 2013
Posted on April 1, 2013
Copyright 2013 Cyber-Ark Software - All Rights Reserved