Handling Goofs Cause Many Data Leaks

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.eweek.com/article2/0,1895,2211531,00.asp

By Lisa Vaas
eWeek
November 2, 2007

A sizable chunk of business data is being lost electronically in simple 
misconfiguration mistakes.

Since January 2005, there have been 167.7 million records containing 
sensitive personal information exposed by security breaches, according to 
a running total kept by the Privacy Rights Clearinghouse.

The question is, How does this information get out there?

Loss or theft of a physical object forms by far the largest hole in data 
security. According to an analysis (PDF) done recently by David Litchfield 
of Next Generation Security Software, based in Surrey, England, 43 percent 
of records lost since Jan. 1 slipped out of organizations on paper, 
computers, laptops, disks or backup media.

Other researchers put the figure higher for records that were exposed due 
to lost or stolen computers or mediasecurity expert Chris Walsh has 
analyzed New York data sets and puts the figure closer to 99 percent.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml