According to this article in today’s Globe and Mail, Privacy Commissioner Daniel Therrien reports that: federal institutions reported 256 data breaches in 2014-2015, up from 228 the year before. As in previous years, the leading cause of breaches was accidental disclosure, a risk Therrien says can often be lessened by following proper procedures. The main culprit was identified as the use portable storage devices.
The audit, which examined practices at 17 institutions, identified a number of concerns:
- More than two-thirds of the agencies had not formally assessed the risks surrounding the use of all types of portable storage devices;
- More than 90 per cent did not track all devices throughout their life cycle;
- One-quarter did not enforce the use of encrypted storage devices.
It’s interesting that there fears about the security of cloud storage is expressed so frequently, yet the dangers of losing data through portable devices is, in fact, usually a much bigger problem.