Looks like Her Majesty's Revenue & Customs does not take lightly to employees peeking at sensitive data - they have disciplined around 600 employees.
Lots of questions come up - intentional breach, stupid mistakes etc. If the data were protected with the right policies and access controls would this have been prevented?
My Dad always said when I leave stuff in my car seat - "Don't tempt folks. Even if they are not thieves, the sight of something valuable can turn people". I started believing this after my car was broken into and it turned out to be a neighbor kid.
I firmly believe that taking temptation away (in this case not having access to data you should not) is a great strategy. Insider threats are more troubling, since this is targeted at the most sensitive and valuable data - while the outsider threat depends a lot on luck to get to this.
Thursday, May 1, 2008
The insider threat - jobs at risk!
Posted by Manu Namboodiri at 5:51 PM
Labels: data breach law, data leakage, Securing data
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment