If you’re interested in protecting yourself against data theft, data leakage and other USB device related risks and would also like to help needy children, then you’re going to love the License to hope campaign! Powered by CoSoSys and the Romanian Foundation for Children, Community and Family, License to hope aims to create an education center with 50 properly equipped laptops and providing computer usage training to 150 marginalized children yearly.
To do so, CoSoSys will donate 50% from all revenue generated by Secure it Easy license sales. Secure it easy is an easy to install endpoint security software that helps protect notebooks and PCs in small and home offices as well as home users from portable storage device threats. You can use it to lock down USB Ports in seconds and control your PC’s endpoint devices. Read more
Mistakes happen everywhere. Some lead to lots and lots of private data being exposed. This is the case of Danish group ISS whose representatives accidentally mail a storage device containing 9500 employee records instead of holiday cards. The bad news is that the information exposed included names, addresses and social security numbers. The good news is at least it wasn’t their whole employee database, about 2000 managed not to be exposed to the risk of identity theft and fraud!
The company has announced those affected by this new breach but it’s not giving too many details, as there’s an ongoing investigation. Read more on the incident here.
As far as we’re concerned, the conclusion is very simple. Be careful where you store private details of your employees! Try to do it on a safe computer network. And if you need to save all that info on a storage device, make sure it’s encrypted, because such little gadgets are misplaced all the time!
Shands HealthCare has recently announced about 12,500 of their patients that their private medical data has been stolen in January, along with the laptop that contained the personal details. As it almost always happens in the case of hardware storing sensitive records, the laptop wasn’t encrypted in any way.
The stolen info contains names, addresses, medical record numbers and medical procedure codes of the patients, as well as the Social Security numbers of about 650 people. Luckily, up to know, there is no evidence of any misuse of the data, and we should keep hoping that the thief or thieves just needed the notebook to sell it or for personal use…
At least some measures have been taken: training for the employees and system-wide encryption policy to prevent such data breaches in the future. And of course, there’s protection for those affected, eligible for 12 months of free credit monitoring.
Let’s hope the new system works, as according to Gainesville.com, security breaches involving large amounts of patient data being exposed are some what of a recurring habit at Shands.
Yet another warning about data loss, company policy and how easily all your files can be liked over the internet comes into the security world, this time from the Federal Trade Commission. Long overdue some would say, including Robert Siciliano in a recent post on Information Security Resources.
Yes, it is quite bewildering to see how after warning after warning and a long line of data breach incidents, companies still allow the misuse of software and hardware resources. It is also confusing to see the FTC now getting ready to directly warn about 100 companies about the risks of peer-to-peer. It’s a bit late, years and years after the problems appeared. Read more