Cyber-Ark says the latest data loss – involving a disk containing the personal details of around 5,000 Ministry of Justice staff going missing – highlights the need for European Union controls on data security to be implemented across all UK government departments and agencies enforcing the use of encryption of private and personal data on staff and members of the public.
"This time around it seems that staff at the National Offender Management Service, which includes a number of prison officers, have seen their data potentially leak into the public domain. Given the fact that they are dealing with criminals who could, conceivably, use this data to get back at them, this situation is totally unacceptable," said Calum Macleod, Cyber-Ark’s European director.
"What is also pretty disturbing is the fact that the disk appears to have gone missing in June of last year. There now needs to be an enquiry into the length of time it’s taken for the relevant companies, agencies and staff to report the loss," he added.
According to Macleod, the UK government now needs a thorough ranalysis of its data security needs, and for an EU-imposed pan-agency set of best practice guidelines and policy enforcement systems to back up any data encryption and data vaulting technology that is used. "You can have the best IT security system in the world installed on your IT resources, but if the methodology and policies underlying that system are not verified and enforced, then the system can still let the government down. The government really needs to take a holistic view of security across all its various departments and agencies," he said.