“Federal Agency loses data on 583,000 Canadians” – this headline caused a huge shock, and worried and left most Canadians wondering if it was safe to entrust their personal information to even their own Government.
The Canadian Federal Government lost a hard drive containing personal information of more than half a million students, who were part of the Students Loan Program from 2000 to 2006. The drive contained personal information, such as the student name, social insurance numbers, and date of birth, contact information and loan balance particulars. Further, the drive contained personal information of about 250 HRSDC employees. The drive disappeared from the Human Resources and Skills Development office in Gatineau, Quebec in early November and has remained untraceable.
While the Government assured the victims that there was no evidence of fraud, concern about how and when the data will be used against them remained unaddressed. Individual notifications of the fraud and reprimands to the officials involved have not helped in restoring the confidence of the public in the Government’s ability to ensure that their private information remains safe and secure. They are expecting strict action and stricter implementation of Governmental directions on data security in Government departments.
The above data breach and its consequences once more underline the problems of personal data security and privacy. How safe is your personal data? While external data threats are a reality, most data breaches are caused by insider negligence as in the above instance. The ground reality is that security is compromised every time an application has to be patched, tested or developed for different business units. Data is exposed, and is vulnerable every time it is duplicated or copied for testing purposes.
How does one ensure data security at such times?
Organizations that have migrated to Cloud backup and Cloud based applications find that the Cloud not only reduces costs, it also reduces complexity of the IT environment. Centralization of administration, elaborate access protocols, encryption and other security features that are inherent to Cloud computing go a long way towards reducing data breach risks. User access logs, user tracking systems, instant alerts, and other features help in arresting breaches even as they are engineered or contemplated. Load testing can be simulated without actually copying and compromising the security of the mission-critical enterprise data. The impact of application source code changes can be minimized with database level, table level or column level encryption, and role based access to data.
In short, Cloud backup technologies are constructed on proven, next generation technologies that ensure layered privacy and security of information.