Microsoft Outlook Support

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, 25 May 2009

Experts says trashed hard drive fiasco at Pfizer could have been avoided with Encryption

Posted on 10:23 by Unknown
Credant says trashed hard drive at Pfizer would not have happened if data had been encrypted

Credant Technologies says that a security gaffe resulting from an employee at health service company Pfizer throwing an apparently surplus hard drive into the trash would not have happened if the data were encrypted.

Michael Callahan, the military grade encryption specialist's senior vice president, said that the fact that the company has had to write to the people affected - whose names and social security numbers were apparently listed on the hard drive - and offer them credit and ID theft monitoring is both expensive and embarrassing for the company.

"If the health services company had adopted an encryption policy on its sensitive data - whether the data is in transit or at rest – then the accidental disposal of the drive by the New Hampshire staffer wouldn't have been the headline news for the company," he said.

"What makes the case interesting from a policy enforcement approach is that the employee threw the drive into the trash at his home, which means that office security protection systems wouldn't have stopped this from happening," he added.

According to Callahan, this is where an encryption policy on sensitive data can act as a safety net to prevent embarrassing situations like this from hitting the headlines.

The important take-out from this incident, he explained, is that it proves the need for a multi-layered set of IT security defences in a typical organisation.

Obviously, he said, office security policies would have spotted the unauthorised disposal of the hard drive in the company trash and the drive would have been intercepted by the site security staff.

At home, he added, the employee was effectively outside of the control of the office security systems and, as such, the contents of their hard drive was at much greater risk then normal.
And this, he noted, is where a company-wide encryption of sensitive data policy would have stepped in to prevent employee stupidity from costing the company money and avoiding red faces in the boardroom.

"It's worth noting that this isn't the first time that Pfizer has been hit by data breaches. During 2007 and 2008 the company hit the headlines several times. It is to be hoped that this latest data security incident triggers a review of the firm's encryption policies and procedures," he said.

For more on Pfizer's trashed disk drive problems: http://preview.tinyurl.com/pqvtaf

For more on Credant Technologies: http://www.credant.com

Source: Eskenzi PR
<>
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DDoS-Attacks disable many shopping websites, including Amazon
    Just in time for last minute Christmas shopping major shopping sites disabled by Michael Smith (Veshengro) London, December 26, 2009: An...
  • Open Source Software in Business & Government
    by Michael Smith (Veshengro) Lots of Open Source in use in mainland Europe, including EU member states, very little in the UK and less still...
  • Cyber-Ark Expands RSA Secured Partner Program Certification Status
    Cyber-Ark Privileged Identity Management Suite, Inter-Business Vault and Sensitive Document Vault Now Formally Interoperable with RSA enVisi...
  • Infosecurity Adviser applauds forensics lab training facilities at key UK university
    London, UK. May 2009: Infosecurity Adviser, Infosecurity Europe’s online community for the information security industry, has published a r...
  • Scientific company discusses simultaneously protecting applications and data
    Simultaneously protecting applications and data: The next evolution in security? September 2009 (Eskenzi PR) – In a recent Imperva podcast...
  • TUFIN TECHNOLOGIES WINS the PRESTIGIOUS 2010 Computing Security Award for ‘Best bench tested solution of the Year’
    Network Computing and Computing Security Magazine Editors Select Tufin’s SecureChange Workflow as the Top Product Reviewed in 2010 Londo...
  • Brocade Service Could Help Reduce Billions in Data Centre Operations Costs
    New Energy Efficiency Review provides holistic assessment and remedial strategies to help companies optimise efficiency and reduce costs Ene...
  • Infosecurity Europe 2011 Hall of Fame nominations now open
    London UK, February  2011 – The time is ripe to elevate the greatest movers and shakers in the world of information security as nominations ...
  • Tufin survey reveals the truth about fudging audits, IT cost cutting and buying equipment online
    Ramat Gan, Israel – May 27, 2009 – Tufin Technologies today announced the results of its “Reality Bytes” security survey. The survey parti...
  • ISACA’s EuroCACS Conference Demystifies the Cloud
    Event for IT Professionals Will Take Place 20-23 March, Manchester London, England, (8 th March 2011)— Global business and information ...

Categories

  • ASUS
  • AVG Link Scanner
  • BeCrypt
  • book review
  • Brocade
  • Codenomicon
  • Columbian USB stick loss
  • computer recycling
  • Conficker worm
  • Credant Technologies
  • cyber crime
  • Cyber-Ark
  • Cyber-Ark®
  • Data Center
  • data encryption
  • DeviceLock
  • Digital Pathways
  • diskGenie
  • Eclypt
  • Eee PC
  • Eee PC Seashell 1008HA
  • F5 Networks
  • Facebook
  • Finjan
  • Finjan Inc.
  • Finjan MCRC
  • Firewall Management
  • Fortify
  • Fortify 360
  • Fortify Software
  • Fortify® Software
  • gadgets
  • Google
  • Google Chrome
  • green computing
  • green IT
  • IBM
  • Infosec
  • Infosec Europe 2009
  • Infosecurity Adviser
  • Infosecurity Europe
  • Infosecurity Europe 2009
  • Internet privacy
  • iStorage
  • iStorage diskGenie
  • iStorage Ltd.
  • Juniper Networks
  • Lakeland
  • Lapdesk
  • LLC
  • Logitech
  • malware
  • ManageEngine
  • McAfee International Ltd
  • MI6
  • MI6 data loss
  • Microsoft
  • MiFi™ 2352
  • Mio
  • Mobile Broadband
  • MS Office
  • National Cybersecurity Advisor
  • Navman
  • Navman Spirit
  • Netac
  • Novatel
  • Novatel Wireless Intelligent Mobile Hotspot 2352
  • OneClick IntelliPanel Desktop
  • online social media
  • open source
  • OpenOffice.org
  • Optenet
  • Origin Data Locker
  • Origin Storage
  • PNDs
  • product review
  • Red
  • SaaS
  • Sat Nav
  • saving energy
  • Security
  • Shavlik Technologies
  • SIS
  • spam
  • Stonewood Group
  • Storage Area Networks
  • Storage Expo
  • Storage Expo 2009
  • Sun Microsystems
  • Swine Flu
  • Syphan Technologies
  • Throwing Sheep in the Boardroom
  • Tufin Technologies
  • Twitter
  • U256
  • Unisys Security Index
  • USB drives
  • Vektor
  • VisionRacer
  • VisionRacer VR3
  • VMware
  • Weast
  • Web Apps Security
  • WebFilter PC Solution
  • WebSpy
  • XSS-driven attacks

Blog Archive

  • ►  2012 (1)
    • ►  January (1)
  • ►  2011 (67)
    • ►  December (1)
    • ►  April (1)
    • ►  March (14)
    • ►  February (30)
    • ►  January (21)
  • ►  2010 (192)
    • ►  December (20)
    • ►  November (22)
    • ►  October (19)
    • ►  September (5)
    • ►  August (8)
    • ►  July (5)
    • ►  June (22)
    • ►  May (13)
    • ►  April (11)
    • ►  March (13)
    • ►  February (27)
    • ►  January (27)
  • ▼  2009 (240)
    • ►  December (25)
    • ►  November (9)
    • ►  October (21)
    • ►  September (19)
    • ►  August (30)
    • ►  July (35)
    • ►  June (30)
    • ▼  May (21)
      • Impressions of an ASUS Eee PC 900
      • Touch the Light Fantastic
      • Survey Reveals Workaholics now working 2-6 hours a...
      • Tufin survey reveals the truth about fudging audit...
      • UK SMEs drastically underestimate IT security dang...
      • Experts says trashed hard drive fiasco at Pfizer c...
      • New In-Line product doubles network throughput
      • Beware fake security software
      • TDK bid to use solid state technology will not fly
      • Fortify says online credit card security lapse may...
      • The KBC Group Taps Tufin Technologies to Streamlin...
      • MPAA/RIAA Web site security flaw ironic, but unsur...
      • Mio launches new Navman range
      • ASUS Eee PC Seashell Netbook launched in UK
      • US missile launch data on eBay hard drive signifie...
      • Is Your Firewall A Fire Hazard?
      • Throwing Sheep in the Boardroom – Book Review
      • IT experts say MI6 drug information loss in Columb...
      • IT Security Solution helps keep Swine Flu under co...
      • Tufin Technologies supports Rt Hon David Blunkett'...
      • Tufin Open Platform launched providing platform fo...
    • ►  April (42)
    • ►  March (8)
Powered by Blogger.

About Me

Unknown
View my complete profile