M&S rapped for data loss
This is not just security...
Marks and Spencers has been told it must encrypt all company laptops containing personal information by April 2008.
In May 2007 the knicker-seller admitted it had lost records relating to 26,000 staff when a laptop was nicked from a contractor's house. The laptop contained information on members of the company pension scheme.
M&S wrote to all staff whose information had been compromised offering free credit checks.
The Information Commissioner's Office reckons that the type of information on the laptop means it should have been protected with encryption.
The ICO has issued M&S with an Enforcement Notice - the company must ensure laptops containing sensitive information are encrypted by April, or face further action from the ICO.
The ICO wants the power to carry out spot checks on private companies and government departments when it suspects data protection is not being carried out properly. ®
Oh for the love of the Lord, NO!!!
Don't do it!!
Private vs Public Sector
I think the TJX fiasco more than proved the private sector's capabilities in this field. It's just that, generally speaking, when it comes to monumental cock-ups you can't beat a government department.
"Information Commissioner's Office is sanctioning M&S for lost data ?? What about the NHS, MoD, DVLA, et al "
Because government departments are exempt from the data protection act (and common sense, apparently). Can't see that law changing, with the current government, can you ?
**The ICO wants the power to carry out spot checks on private companies and government departments when it suspects data protection is not being carried out properly**
That puts most of our government departments in the sh*t then.
Gosh, so many comments
See, it's not just government departments that are careless with their laptops. I forsee BCrypt having a bumber year.