In light of the news relating to the breach of sensitive data of California state employees, Jon Fielding, Managing Director, EMEA at Apricorn commented below.
Jon Fielding, Managing Director, EMEA at Apricorn:
“It is frustrating to see incidents like these continue to occur when the remedy is so simple. Organisations have it within their gift to mandate the use of a corporate standard, encrypted USB device and to enforce its use through locking down their ports so that only these devices will be accepted. We are moving towards an expectation that best practice such as this will be implemented and audited through the upcoming General Data Protection Regulation (GDPR) act, which would apply to California’s Department of Fish and Wildlife if any of the affected individuals are EU citizens. GDPR provides a framework against which businesses will be measured for compliance with the right to apply financial penalties to those systematically found to not comply or if they suffer a breach such as this. In the event of a breach, the onus to notify and the potential fine is mitigated if the data is rendered unintelligible to unauthorised actors, such as being encrypted in hardware on a USB device.”