Laptop security lapse at BoI shines a light on data safety

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.independent.ie/business/irish/laptop-security-lapse-at-boi-shines-a-light-on-data-safety-1359869.html

By Sharon Lynch
independent.ie
April 26 2008

LOSING a laptop can be attributed to just plain bad luck, two can be put 
down to carelessness, however, three and four would send anybody's alarm 
bells ringing.

But this was not the case at Bank of Ireland earlier this week when it 
emerged that four laptops had been stolen from the institution's 
investment arm between June and October of last year.

The bank said it was only told six weeks ago that three of its unencrypted 
laptops were stolen from cars and another from the branch.

And when it emerged that the laptops had the personal data of 10,000 
customers, which were only protected by a password system, a number of 
questions were raised about the safety of customer information as well as 
the regulation of security systems.

Weak

Owen O'Connor at Information Systems Security Association Ireland 
described the bank's IT security procedure as a "very weak'' level of 
protection. "If a laptop is unencrypted, a moderately skilled IT person 
will be able to access all information on the files," he said.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml