Data Leakage and Data Compromise
04.06.2009
If you follow the news, it will appear that there has recently been an upsurge in cases of data leaks from both private and public organisations. The list of incidents in the public domain is lengthy and ever-growing. Recent months have seen the loss of 25 million welfare recipient’s records from the UK Department of Internal Revenue, 600,000 records from the UK ministry of Defence and 1.6 million records from the Monster.com recruiting web-site. Closer to home, Bank of Ireland admitted the loss of four laptops containing the personal details of thousands of clients. There have even been reports recently of UK ministerial aides having their PDA’s stolen, possibly, we are led to believe, by Chinese Intelligence Agents.
This article will discuss the topic of data leakage and data compromise, asking the question, how can they be prevented and, if not possible, then, how can their consequences be managed or mitigated? This article is the first in a series, with subsequent companion articles discussing data destruction\data retrieval, computer counter-forensic measures/electronic evidence, and Irish statutory computer fraud offences. While these articles will be written from the Irish perspective it is hoped that they will be of general interest.
