Six stolen laptops highlight need for strict control on data
IT security and control firm Sophos is reminding organizations of the risks of data loss and identity theft following news that six laptops, containing personal information about 20,000 NHS patients, have been stolen from St Georges Hospital in Tooting, London.
Sophos experts note that inadequate security policies left the data vulnerable, with the sensitive information being stored on the laptops on a temporary basis due to computer network problems at the hospital.
"Sensitive patient data should never be stored on non-secure, unencrypted portable computers," said Carole Theriault, senior security consultant at Sophos. "This should serve as a reminder of the damage that is done by poor attention to IT security policies. Organizations that must store confidential personal details should invest in systems that make sure that this kind of information cannot be transferred to devices that may be compromised, putting not only the organization, but also the individuals concerned at risk."
St Georges Healthcare NHS Trust has said that information such as postcodes were password protected, but patient name and hospital number were shown on the records.
Although on this occasion it appears that the damage may be limited, this will be of little consolation to the patients whose records have been stolen, adds Theriault. It is vital that policies are implemented and enforced to ensure that no kind of confidential information is made vulnerable to theft. Sensitive data should be encrypted, or better yet, simply not stored on portable devices like laptops and blackberries."
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK.