One of the advantages of DaytaTree’s “Software as a Service” approach is data security. This goes beyond secure access and data backup, but also includes the physical security of the data. It is worth reviewing some recent stories about what happens when sensitive data is stored on a desktop computer or laptop or other movable storage device rather than stored in a secure data center:
In March 2007, Wellpoint Inc. was obliged to notify some 75,000 members of its Empire Blue Cross and Blue Shield unit in New York that a compact disc containing medical and personal information was lost.
In its third security breach in 13 months, Boeing announced on December 2006 that a laptop stolen from an employee’s car contained sensitive information on 382,000 workers and retirees. The data included names, home addresses, phone numbers, Social Security numbers, and dates of birth. Boeing had previously lost the data on 161,000 employees in November 2005 and lost the data on 3,600 employees in April 2006.
It has been widely reported that Nationwide Building Society, a U.K. financial services provider, was fined $1.9 million in February 2007 after a laptop containing sensitive customer data was stolen from an employee.
In February 2007, the U.S. Department of Veterans Affairs launched an investigation into the loss of a hard drive that contained personal data on as many as 535,000 veterans and 1.3 million physicians. This follows a previous data security breach last year where the personal data on 26.5 million veterans was stolen.
In January 2007, it emerged that
credit and debit card information was stolen from TJX Companies Inc computer systems in a incident that could affect millions of customers of T.J. Maxx, Marshalls, and other stores.
It was revealed in late 2006 that US Dept. of Commerce had lost 1,100 laptops since 2001, including Census Bureau laptops that may have compromised the detailed personal information of about 6,200 households.
It was revealed in December 2005 that the Marriott group had lost computer backup tapes containing personal data of more than 200,000 customers and employees.
In October 2005, a desktop computer containing data on thousands of consumers was stolen from a local office of the Trans Union credit bureau.
It was reported in July 2005 that thieves had stolen the personal data of thousands of current and former Federal Deposit Insurance Corp. employees.
In April 2005, San Jose Medical Group was forced to contact nearly 185,000 current and former patients to report that their financial and medical records may have been exposed following the theft of computers containing personal data.
In March 2005, the University of California at Berkeley was forced to warn more than 98,000 people that the theft of a laptop from its graduate school admissions office has exposed their personal information.
It was announced in February 2005 that Bank of American lost
number of backup tapes with records detailing the financial information of one million government employees.
The results of a survey have just been published that show that loss of critical data is the top concern of Information Technology manageers.
Some of the key data security questions to ask your Information Technology manager are:
-Do you have automated, secure data backup procedures?
-Do you have systems in place to prevent unauthorized copying of your drug testing data, including copying by your own Information Technology staff?
-Do you have the necessary systems in place to physically protect your drug testing data from theft? What happens if your laptop/desktop computer is stolen?
The DaytaTree solution is to ensure that all of the sensitive data is stored off site in a secure location, so it does not matter if a computer is stolen and there is no way to steal or loose the data.
The DaytaTree Team