Key Lessons From 2006 Security Failures and Data Loss Events

Once again it is time to take note of those security blunders from the past year that have given us so many opportunities to learn from our mistakes. It has been a year rich in opportunity, with one lesson in particular being repeatedly hammered home. So the second annual Bonehead Award for Notable Failures in IT Security goes to all of those people who think it is productive to carry around sensitive data on portable devices.

There are many types of sensitive data that can get stolen, lost or just disappear. But since the passage of the 2003 California law requiring notification of breaches of personally identifiable data, losses of this type of information have been the easiest to track. The exposure of individuals to the risk of identity theft became a high-profile issue with the February 2005 fraud at ChoicePoint that exposed records on more than 160,000 people. Since then, more than 97 million personally identifiable records have been exposed, according to the Privacy Rights Clearinghouse. Many of these breaches have resulted from poorly handled government records. The corker, of course, was this year

The link for this article located at Government Computer News is no longer available.