Data loss set to increase

Fri, Jan 23, 2009, 00:00

THE NUMBER of people affected by data loss is set to increase in 2009, according to KPMG’s Data Loss Barometer, with up to 190 million around the world expected to be hit.

This compares with 92 million people in 2008, with the 47.8 million affected by data loss in the three months to November 2008 outstripping the total for the first eight months of the year.

Despite all the warnings from experts, data loss is still a major issue, with some high-profile incidents in Ireland in recent months.

Last year, it emerged that details of more than 370,000 people were lost when a laptop computer used by the Comptroller Auditor General’s office was stolen, including bank account details.

Bank of Ireland had to admit in 2008 that four laptops belonging to investment advisers with Bank of Ireland Life containing confidential personal data on 10,000 people were stolen between June and October last year.

“Data loss poses a threat to all companies, and can have a significant impact on brand, reputation and customer trust across all sectors and different types of businesses,” Mike Daughton, partner with KPMG’s business performance and IT advisory in Dublin, said.

However, proper password controls, the creation of IT systems access controls and awareness training could help prevent Irish firms falling victim to potentially damaging data loss, he said.

He said companies need to have clear policies and procedures in place governing the handling of data. Portable media provide a particular risk area, Mr Daughton said, including laptops, USB keys and CDs. The company needs to know “where all its information is stored”, he said. This is relevant when it comes to companies which use third parties to manage data.

Irish firms must bring in more robust practices to cover data deletion, to guard against “dead data” creating security breaches, data recovery firm Kroll Ontrack Ireland said. With second-hand devices being recycled or sold on to recoup costs, failing to securely erase data could lead to its recovery by malicious users, leaving firms open to legal consequences.

Ciaran Farrell, business development manager at Kroll, said: “We’ve all heard embarrassing stories of information being retrieved from laptops abandoned in skips or bought on eBay. Data is growing at an exponential rate and organisations must ensure they are managing it correctly at every stage of its life cycle, including when it’s ‘dead’.”