Blog

Explore insights and guidance on DSPM, AI security, and the future of data security

More Creative Ways To Be Paranoid About Your Paper Documents

More Creative Ways To Be Paranoid About Your Paper DocumentsJust when you’ve thought you’ve heard it all we read about the Macy’s Thanksgiving Day Parade confetti containing confidential information from the Nassau County Police Department.  Not only did the confetti contain social security numbers and arrest records but partial information on President Obama’s and Mitt Romney’s recent motorcade through Manhattan.

Such a lack of control of confidential paper documents should not shock anyone these days. Case in point is an article published in The Kansas City Star “Personal data face low-tech peril” that highlights another security blind spot that just about everyone is vulnerable to at some point.

The article says that an Overland Park man had applied for a mortgage loan using the traditional mortgage origination process. The completed mortgage file and two years of tax returns were subsequently stolen from the Pulaski Bank loan officers’ car while he was parked at a local gymnasium.  Other examples such as loss of paper based patient records by “Meals on Wheels”, physicians transporting patient files and the list goes on.  The potential liability and damage to the organization’s brand are difficult to measure.  But in the end it is about the person whose information is now in the wrong hands!

As these “blind spots” are discovered companies tend to be very proactive to correct the areas that were responsible for the breach.  In the case of the Nassau County Police Department a complete review of the chain of custody of their paper documents was probably the first reaction.  Another “simple” solution would be to use a newer cross cut shredder! You would think they would have had that one figured out!

It is unfortunate but we routinely see two consistent themes in the area of IT security consulting:

  1. Organizations that wait until a data breach occurs before they get serious about doing something to reduce their risk.
  2. General lack of knowledge on the part of Senior Management as to Data Security best practices. To quote the article Lies we Tell Our CEO’s About Database Security, “when senior executives of any public or private organizations don’t understand industry best practices or what really constitutes a sophisticated attack, they’ll probably fail to properly fund protection measures against securing sensitive databases.”

Don’t wait to be the next headline before you discover your security blind spots! People, process and technology are the key components to locking down your confidential information.

 

Photo credit WPIX

Tags
Keep me informed
Privacy Overview
Fasoo

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

3rd Party Cookies (Analytics)

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.