News
 IT
Confidential: A Checklist for Protecting Personal
Data
By John Soat, writer of the weekly column “CIOs
Uncensored”
It won’t end, not until we learn the lessons of data
protection. I'm referring to the continuing
incidents of personal data loss: hacked data, stolen
data, pretexted data, data thrown away in dumpsters,
data that falls off the back of delivery trucks, and
data inadvertently—or advertently—published on Web
sites where everyone and his brother can find it.
Here's a list of do’s and don'ts that your
organization needs to keep in mind.
• Don't bring sensitive data home. The state
of Ohio's nightly data backup policy was
two-pronged: One copy stayed in the network
administrator's office, a second copy was to be
stored off-site. According to reports, the off-site
part evolved into the backup data going home with
one of the IT people, which eventually was delegated
to one of the interns. You know that old
saying--don't bring your work home with you? It
applies here.
• Don't leave a storage device containing
sensitive personal data in your car. The same
goes for carrying it in your back pocket on the
subway, asking the person behind you in line to hold
it while you go to the bathroom, checking it into a
locker at the bus terminal, or leaving it on the
stool next to you in a bar.
• Don't delegate responsibility for sensitive
data to a 22-year-old college intern. "On its
face, with what we know today, this seems like a
questionable decision," the Columbus Dispatch quoted
a spokesman for the Ohio Department of
Administrative Services. I'm all for internships.
However, when it comes to data security, look for
someone with a little more skin in the game.
• Make sure your chief privacy officer knows his
or her job, and is actually doing it. Gov.
Strickland said: "The Chief Privacy Officer at the
Office of Information Technology will be responsible
for coordinating the implementation of improved data
security measures." That qualifies as closing the
barn door after the horses are gone.
• Encrypt, encrypt, encrypt! By middle
school, most kids today know their way around a
keyboard and a mouse, so don't assume that just
because "specialized knowledge and equipment" are
needed to read data off backup tapes, crooks can't
figure it out--especially if the files on those
tapes aren't encrypted, which these weren't.
Don’t let your organization become another
statistic. Learn the lessons of data protection now,
reap the benefits later.
---Source:
Reprinted from Information Week June 23, 2007
www.informationweek.com. John Soat can be reached at
jsoat@cmp.com.
|
|
|
|
 |
|
Save money on postage using leading
mail preparation software and other
direct marketing products. |
|
|
|
|
 |
Update & standardize addresses and
find out more about contacts in your
database.
|
|
|
|
|
 |
Find new customers perfect for your
business with our online and
specialty mailing lists.
|
|
|
|
|
 |
Locate the business information you
need such as ZIP Codes, address
verification, maps.
|
|
|
|
|
