26 October 2012

The definite need to encrypt sensitive data has been highlighted once again.  The ICO have reminded organisations that it is essential to encrypt personal information which is stored or electronically sent.

Monetary penalties and the unnecessary damage caused to individuals are avoidable through the use of encryption.  Encryption is a widely used security measure and simple to adopt thus leaving no excuses for this form of data breach.

The breach highlighting this issue was through Stoke-on-Trent City Council sending several emails by the solicitor to the incorrect email address.  The emails containing highly sensitive data where not sent via a secure network neither encrypted.

Taking into account a previous breach in 2010, where sensitive data stored on an unencrypted memory stick, was lost and the fact that no security  measures had been put in place following this breach as agreed by the council, they were fined £120 000.

This is an unfortunate occurrence and is not acceptable.  It is avoidable through the use of encryption and ensuring staff are trained on the procedures in which to secure personal data being processed, stored or in transit.

Galaxkey is a robust encryption technology, effortless to deploy and operate. Through the use of Galaxkey this would not have occured.

Follow the link below to view the ICO’s advice on the use of encryption.