Calls have been made for EU controls on data security to be implemented on all UK government departments.

 

Following the loss of personal details of around 5000 Ministry of Justice staff, Cyber-Ark has claimed that there is now a need for EU controls on data security to be implemented across all UK government departments and agencies enforcing the use of encryption of private and personal data on staff and members of the public.

 

Calum Macleod, Cyber-Ark's European director, claimed that the UK government now needs a thorough root and branch analysis of its data security needs and a EU-imposed set of best practice guidelines and policy enforcement systems can be enforced to back up data encryption and vaulting technology.

 

He said: “This time around it seems that staff at the National Offender Management Service, which includes a number of prison officers, have seen their data potentially leak into the public domain. Given the fact that they are dealing with criminals who could, conceivably, use this data to get back at them, this situation is totally unacceptable.

 

"You can have the best IT security system in the world installed on your IT resources, but if the methodology and policies underlying that system are not verified and enforced, then the system can still let the government down. The government really needs to take a holistic view of security across all its various departments and agencies.”

 

The disc that was lost was reportedly unencrypted and was lost in July 2007, while a memory stick was lost in earlier this year containing the details of 84,000 prisoners in England and Wales.

 

Justice Secretary Jack Straw has ordered an urgent inquiry over the missing, unencrypted disc, which may contain personal information on prison officers.

Grant Gutteridge, director at Stonewood, said: “Companies and individuals often do not recognize the need to have such technology in place in order to protect data from being mislaid or lost and avoid costly data breaches, until it is too late. Confidential personal details need to diligently managed and stored on secure, encrypted, portable devices.”