Valentine’s Blog

Love is in the air. Spring is around the corner. And a young man’s mind turns to love.

But enough about him. This several-years-away-but-still-a-bit-close-for-comfort middle-aged man’s mind has turned to yet another Public Sector data breach, announced on Friday. For a change I’m not going to not tuck into the unfortunate perpetrators, the ICO or the ICO’s paymasters (or at least I’ll try not to).

This should have been a simple thing to prevent, and Lord alone knows I’ve been banging on about it enough for the last few weeks. This breach happened for two reasons:

1. A busy person working under pressure had an email address wrongly auto-filled for them
2. There was no process or supporting technology in place to help them

Point 1: ask yourself – could this happen to you? Are YOU so infallible that you wouldn’t do it? Of course not. A colleague of mine, something of an utter pro and a ‘straight bat’ sort, told me a tale of how they accidentally emailed their entire senior management team with a career limiting email and rushed down to IT to tearfully beg them to pull the plug out of the back of the email server to save their career. The learning was:

a) Senior management never read emails from underlings
b) we ALL screw up from time to time

Point 2: This issue could have been easily prevented by the use of a simple DLP (Data Loss Prevention) tool combined with protective labelling software. In fact, I’m running a seminar on it! Have a look here. Frankly, there is little excuse for any organisation that has sensitive information being handled by that most sensitive of things, humans, not to be looking at this topic.

On this Valentine’s Day, some quotes:

To err is human, to forgive is divine (Alexander Pope)

The course of true love never did run smooth (William Shakespeare)

Ignoring the fact that your people are pressurised, tired, frustrated creatures will end you up before the ICO (Graeme Stewart)

No excuses for this sort thing – its easily remedied and easily prevented. DLP + labelling should be on your list of to-do’s right now – it will make your team love you, as well as your bosses, your customers, and best of all, the ICO.

Happy Valentine’s Day All!!!

Advertisements

About Graeme Stewart, McAfee

I work for McAfee as Director of Public Sector Strategy and Relations, UK&I
This entry was posted in Data Breach, Data Breach Fine, ICO, Legal, Security, Sophos, Titus, Valentines. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s