July 10, 2009    

Credant warns firms to encrypt customer data

by David Masters

Security specialist Credant Technologies has reminded all firms that store customer details to ensure that they encrypt data.

Credant issued the warning following reports that the Information Commissioner’s Office (ICO) has taken action against a UK-based insurance company for failing to protect the data of over 2,000 policy holders.

The Lloyds-owned insurance firm lost an unencrypted disk holding the customer data, and has been told by the ICO to sign a ‘formal undertaking’ to improve its data protection methods.

“The firm blamed the data breach – which involved data going back as far as ten years – on a lack of staff training and poor data handling procedures,” said Andrew Kahl, Credant’s co-founder and senior vice president of operations.

“The reality is that all firms need to adhere to IT security policies involving encryption of staff and customer’s personal data,” Kahl added.

“Companies also need to enforce those encryption security policies using suitable IT systems.

“These systems act as an audit safeguard and can save companies money and embarrassment in the longer term.”

The data leak by the insurance firm is the latest in a series of high profile breaches of data protection law by businesses and government departments over the past two years.

Twenty months ago, the Inland Revenue lost a CD-ROM containing the details of 15,000 pension holders.

Click here to discuss this: Security Forums

Related posts to "Credant warns firms to encrypt customer data":

• Lawyers found guilty of failing to defend their clients
• CREDANT and Safend Partner to launch CREDANT Protector
• PIN cracker situation due to weak security
• CREDANT and Safend Release CREDANT Protector
• Credant launches encryption security for OS X

Previous: « Neptuny Joins Red Hat Partner Program in Italy
Next: DoS attacks could have been engineered by anyone »

Visited 500 times, 1 so far today