The Government admits it’s lost another big stack of personal data – this time, details of learner drivers that should have been in a storage facility in Iowa but in fact… aren’t. It seems that a hard drive containing details of 3 million people went missing in May, and the then transport minister Stephen Ladyman “assumed the new minister would have been told about it” when he left.
Amid the “we’re taking it very seriously” noises, nobody seems to have read the Government’s own sage finger-wagging advice on its recently launched Get Safe Online site.
Under the heading “Be wary of portable storage devices”, the site warns “there is a risk that these devices could be lost or stolen”, and gives the following tips, among others:
• Control access to the data
• Compartmentalise people’s access to data on a need-to-know basis. Does everyone need full access to the customer database or accounts? Can you give people more limited access? For example, by using an access-controlled database rather than a spreadsheet?
• Have clear policies about what employees can do with confidential or business-critical data. Educate the workforce.
• Encrypt corporate data removed from the network just like you would for information on a laptop.
Always good to see people practising what they preach…
(Image: from tgraham’s Flickr stream)