Unacceptable Physical Security Must Be Corrected

| 2 Comments | No TrackBacks
| More

The Information Commissioner's Office (ICO) has found eleven banks and other financial institutions in breach of the Data Protection Act after investigating complaints concerning the disposal of customer information. They were were all found to
have discarded personal information in waste bins /receptacles outside their
premises.

This is a clearly widespread problem. The ICO points the finger at HBOS, Alliance & Leicester, Royal Bank of Scotland, Scarborough Building Society, Clydesdale Bank, Natwest, United National Bank, Barclays Bank, Co-operative Bank, HFC Bank, Nationwide Building Society and The Post Office. It must be seen as a major wake-up call as the guilty parties are all respectable organizations with sizeable security budgets and functions, ones that are more likely to be leaders rather than laggards in security. If these companies can't get it right then it's highly likely that your organizations are also at fault. And there's no excuse. It doesn't require expensive technology, just a clear policy and firm enforcement.

No TrackBacks

TrackBack URL: http://www.computerweekly.com/cgi-bin/mt-tb.cgi/35258

2 Comments

It really is about time the UK Information Commissioner was seen to act, and act decisively. Companies like B4U drove a coach and horses through his enforcement notice with an "I am going to appeal, no I'm not" strategy that allowed them to keep the old electoral roll data up way past the 1 August enforcement date, and the UKIC pulled out of prosecuting them.

Now we have a high(ish) profile thing that has appeared on Watchdog, and he gets an undertaking signed.

Just how much more education do corporations need before enforcement and prosecution?

I could not agree more David. And there's definitely no excuse anymore.... The new British Standard BS 8470:2006 gives the most comprehensive overview of both internal, or outsourced, secure destruction operations.

Leave a comment

About this Entry

This page contains a single entry by David Lacey published on December 11, 2011 12:39 PM.

Communicating information quickly and efficiently was the previous entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Archives

 

-- Advertisement --