Published on March 3, 2014
Data Security What not to do! UK Data Losses Shredded Neat Limited
Data - Why worry ? • DPA introduced 1984 • Administered by ICO • April 2010 new powers to issue DP ‘Notices’ and pursue through courts • 13,802 cases last year • 372k registered under DPA • 58 spot audits in 2013/13 UK Data Losses Shredded Neat Limited
What could it cost me? • ICO levied £4.25 million in fines on 40 organisations • Average fine £106k • FCA/FSA £7.77 million on just 7 organisations • ICO Max fine £500k and FCA unlimited UK Data Losses Shredded Neat Limited
Our Own Survey • Looked at recorded prosecutions over 20 years, plus: • Internet search of major data breaches • Press and media researched • Pulled together our own statistics and case studies UK Data Losses Shredded Neat Limited
Data Media Losses UK Data Losses Shredded Neat Limited
Secure Paper Losses • Paper in use since 1495 • Digitisation presents challenges dealing with redundant archives • Cloud archiving has specific problems in terms of security • Documents still carried to and from work on various forms transport • Unshredded documents often put in general waste UK Data Losses Shredded Neat Limited
Benji the Bin Man • Benjamin Pell made a living going through rubbish • Professional Muckraker • Drove round London in Hi-Vis emptying bins into his vehicle • Prominent firms and people targeted, paid by newspapers • Police found 200,000 documents in his shed after his arrest! UK Data Losses Shredded Neat Limited
Other data storage UK Data Losses Shredded Neat Limited
Portable Data Media • Seagate devised 1st HDD in 1980, 5Mb, by 2013, latest PCs 4Tb • Or from 5 novels to a library with 4m books • Mem.sticks 1st used 1980s, can hold 128 Gb, convenient to carry – easy to lose! • Mobiles 1990’s, 50% ‘smart’ 25,000 stolen in London per week UK Data Losses Shredded Neat Limited
West African News! • Old pcs/laptops began arriving in Ghana few years ago, Ghanaians welcomed donations to help bridge digital divide. • E-waste dealers set up shop close to port, display 40ft containers they bought in UK – HDDs salvaged are displayed at open-air markets. Organized criminals comb through HDDs for personal information to use in scams. • Totally outside UK regulation & contribute to some of 217,000 ID fraud cases in the UK. UK Data Losses Shredded Neat Limited
Where do losses occur? • Paper losses from offsite storage, during office moves & blown out of doors & windows • Theft of high value laptops/mobiles from houses, trains & cars • 50% of all losses in transit occurred after being in the pub or a restaurant UK Data Losses Shredded Neat Limited
Inverness Police • In 2000, hundreds of documents found blowing across local tip • Internal files on 126 cases incl. bike thefts, drug offences and serious sexual cases • Defendants clearly identifiable • Major inquiry launched by Police • Member public sent bundles found to the local newspapers • Police unable to say how these bypassed their procedures UK Data Losses Shredded Neat Limited
Data Loss Threats
Most Common Threats • Single or compound threats • Excl. misdirected comms. • Intentional e.g. hacking or criminal or accidental, when an event occurs and data falls into other hands or public domain
Reputational Damage • In 2011 Oliver Letwin papped on five separate days • Dumped docs in waste bins in St. James Park • 100 documents retrieved by the photographer • Comprised briefing papers and constituency mail • MP and Minister of State in Cabinet office – Nice one Ollie
Personal Liability • Richard Jackson 2008 • Left files on Train out of waterloo • Contained Joint Intelligence Committee report on Al Queda & MoD report on Iraq’s defence capabilities • Commuter passed them to the BBC • Richard (Dick) fined £2500 and severely reprimanded by Civil Service
Security what security? • Former Home Secretary David Blunket 2002 • Documents found outside a Sheffield Pub • Aerial Photo’s of his home and detailed alarm systems info & his usual daily routine in papers • Ex-soldier found the papers and gave them to S. Yorkshire Police
Graham Clements whoops! • UK MD of Ischida Corp. Japan. • Gives old Blackberry to his IT dept to recycle • Attends his 1st Board Meet to find his Blackberry No1 item in agenda • Data on it – Business Plans; bank accounts; Corp info & his children • Damaging publicity just averted by fact the phone was recovered by Glamorgan University who were researching mobile phone abuses
Protect yourself! • Ensure DPA complaint processes • Resources needed often outside scope smaller companies • Secure storage of paper on site • CRB check cleaners and FMCo • Ensure all data containing media controlled • Encryption of data taken offsite • Certification to BS15713 contractors not badges!
Contact Details • www.shreddedneat.co.uk • Call free 0800 234 6660 • Shreddedneat@Shreddedneat • • facebook.com/Shreddedneat • firstname.lastname@example.org UK Data Losses Shredded Neat Limited
G4S lost £88m because of its London 2012 Olympic Games security blunder (Reuters) G4S has been confirmed as a provider of safety stewards to the Glasgow ...
Blunders led to live anthrax being posted from one lab and holes being ... Nine UK sites house CL4 labs ... Reports obtained by the Guardian from the ...
PAS 96:2014 Guide to protecting and defending food ... • Global Food Security Programme • Heineken UK • Hilton Food Group plc • J Sainsbury plc
2 in 5 UK businesses still unaware of the EU’s new data law despite the prospect ... The 2014 cyber security roadmap. ... not cyber security. In 2014, ...
Top 10 issues in IT security for 2014. ... “The US NIST cyber security framework and the UK government's ‘kitemark' are just two examples.
Your next presentation can be a prezi. Get started today. Product Company Careers Support Community Contact Apps. English. español.
Gartner’s top 10 security technologies for 2014. ... abstraction and remote presentation techniques can be ... Information Age is the UK's leading ...
Telegraph.co.uk. Search ... CES 2014: Michael Bay walks out on Samsung TV presentation after autocue failure
Home > Phoenix Chapter > Events > Download Presentations. Download Presentations ... Date: October 23, 2014 Speakers: Glen Walker, Security Engineering ...