[Dataloss] Laptop security lapse at BoI shines a light on data safety
security curmudgeon
jericho at attrition.org
Mon Apr 28 07:24:42 UTC 2008
---------- Forwarded message ----------
From: InfoSec News <alerts at infosecnews.org>
http://www.independent.ie/business/irish/laptop-security-lapse-at-boi-shines-a-light-on-data-safety-1359869.html
By Sharon Lynch
independent.ie
April 26 2008
LOSING a laptop can be attributed to just plain bad luck, two can be put
down to carelessness, however, three and four would send anybody's alarm
bells ringing.
But this was not the case at Bank of Ireland earlier this week when it
emerged that four laptops had been stolen from the institution's
investment arm between June and October of last year.
The bank said it was only told six weeks ago that three of its unencrypted
laptops were stolen from cars and another from the branch.
And when it emerged that the laptops had the personal data of 10,000
customers, which were only protected by a password system, a number of
questions were raised about the safety of customer information as well as
the regulation of security systems.
Weak
Owen O'Connor at Information Systems Security Association Ireland
described the bank's IT security procedure as a "very weak'' level of
protection. "If a laptop is unencrypted, a moderately skilled IT person
will be able to access all information on the files," he said.
[..]
More information about the Dataloss
mailing list