Cryptography

California AG reports 131 Data Breaches in 2012

July 17th, 2013

Data breach incidents are increasing at fast pace and their impact is affecting millions of people. California being one of its victims, the personal information of millions of individuals were exposed in data breaches last year.

Personal information of 2.5 million residents of California were exposed in 131 online data breaches in 2012, as indicated by a recent study done by Attorney General of California. However, more than half of these incidents were easily avoidable.

In a report released by the Attorney General Kamala Harris she revealed that out of 2.5 million California residents affected by data breaches in 2012, 1.4 million would have been fine if the companies had encrypted their data. If the exposed data had been cloaked earlier these incidents would have never been reported under existing state law.

According to some other findings in 2012, average of 22,500 people were affected in each breach. Majority of data leakage incidents were reported in retail industry followed by the insurance and financial sectors. More than 100,000 people were involved in five of the reported data breaches, more than half of breaches involved SSN.

“Data breaches are a serious threat to individuals’ privacy, finances and even personal security. Companies and government agencies must do more to protect people by protecting data.” Harris said in a release.

Harris gave some suggestions for companies and agencies, explaining them that data encryption should always be used to secure the data. She asked them to train their employees and contractors to improve the overall security in an organization. However, some experts in IT security industry declared awareness training to be a waste of money and time.

She further proposed to improve the readability of breach notices, better the access to resources for victims of breaches involving Social Security and driver’s license numbers, and the passage of legislation mandating notifications of breaches involving the exposure of online credentials, such as usernames and passwords.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Laptop stolen from Lucile Packard Children’s Hospital

June 27th, 2013

With over 650 physicians and 4750 staff support and volunteers, Lucile Packard Children’s Hospital is a world-class, non-profit hospital devoted entirely to the care of babies, children, adolescents and expectant mothers.  According to the hospital a laptop containing medical information on pediatric patients was stolen from a secure area of the hospital.

The hospital has notified patients by mail that a password-protected, laptop was stolen from a secured, badge-access controlled area of the hospital and there are chances of data theft. Immediately following discovery of the theft, Packard Children’s Hospital launched an aggressive investigation with security and law enforcement.

The laptop contained operating-room schedules during a three-year period beginning in 2009. Hospital officials are not certain which operating schedules were on the computer. As of now, there is no information on whether the patient data has been accessed by anyone or if there has been any data breach due to the laptop theft.  What is clear though that the information didn’t contain any credit card or financial information. Additionally, there were no SSN and confidential data of customers. However, it is quite possible that the laptop may contain patient records such as name, age, medical record number, telephone number, scheduled surgical procedure etc.

The officials stated, “Lucile Packard Children’s Hospital strives to be an industry leader in the area of medical information security. As a result of this incident, we are taking additional steps to further strengthen our policies and controls surrounding the protection of patient data to reduce the chance that an incident of this type will happen again”.

Data breach incidents have been consistently posing problems in the health insurance industry. The problems have accentuated because the professionals at health care industry have been slow in understanding the importance of data protection. The contrary belief that the medical data can’t be secured is nothing more than a myth. This incident should serve as an eye-opener to other experts from the health care industry.

Encryption software like Alertsec would have helped!

The use of encryption software would have helped to keep files protected on the computer. With encryption installed, none of the information or credentials would have been lost. Alertsec uses industry leading Check Point Full Disk Encryption (former Pointsec) software to create a web based encryption service that simplifies deployment and management of PC encryption

The best way to protect information stored on a PC is by using encryption. Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

Enhanced by Zemanta