Showing posts from July, 2007

The Breach Blog: What Have We Come To?

SC Magazine recently put The Breach Blog on line, a veritable wall of shame for almost daily information breaches. You'll find gems like the Bowling Green professor who kept students personally identifiable information (PII)on his USB stick, then lost or the Texas A&M-Corpus Christi professor who did exactly the same thing WITH EVERY STUDENT'S PII ON THE USB STICK! The losses are consistent: lost or stolen laptops, USB sticks, and backup tapes, along with the occasional server administration meltdown or ye good olde hack.
What's it going to take to convince universities to implement better policies and practices such as USB device management, including encryption and approved devices only?
When will Ohio state government managers realize that the intern you're paying $10.50 an hour is not the ideal caretaker for an unencrypted backup tape containing the PII of all 64,467 state employees?
Say it with me, people. Encryption. Best practices. Policy. Standards. Easier sa…