The loss of a laptop that contained the personal data of around 109,000 British people could have been prevented with encryption.

 

Michael Callahan, senior vice president of Credant Technologies, claimed that the loss of personal details, including names, addresses, national insurance numbers and salary plus bank data from The Pensions Trust could have been avoided if the laptop used by the organisation's contractor had used onboard encryption.

 

He claimed that the cost of the hardware stolen in these types of incidents is frequently outweighed by the potential financial consequences of the data loss.

 

Callahan said: “The fact that the trust is a not-for-profit organisation does not mean that it can bypass any of the stringent IT security safeguards or require similar controls to be implemented by its contracting companies.

 

“Basically the data held on the laptop should have been protected by the highest possible levels of encryption, given the potentially serious consequences that could result from the loss of this type of information.”

 

The BBC reported that payroll software provider NorthgateArinso was using the information in internal training.

“It is to be hoped that the firm will now review is procedures on using live data in training situations, and also start beefing up its IT security procedures, including applying a policy of encrypting all private data, whether at rest or in transit," said Callahan.