News broke over the weekend that a webcam system that lets parents drop in and watch their children while at nursery school has written to families to tell them of a data breach. NurseryCam said it did not believe the incident had involved any youngsters or staff being watched without their permission, but had shut down its server as a precautionary measure.
Experts Comments
This case highlights the importance of proper procedures in design and implementation, particularly for a sensitive product/solution aimed at monitoring children. The current actions of the vendor are right in taking down the service until a solution can be implemented. Organisations would be well-advised to embrace secure-by-design practices to avoid similar incidents. They should also work closely with security professionals to identify issues sooner rather than later.
For anyone worried about privacy and invasion of one’s private space, having the initial thought of installing a form of security camera open to parents to log in to and check in on their kids is a very dual edged blade. You can choose this increased transparency but at the risk of privacy, and with a guaranteed invasion of privacy of concerned staff and kids. It’s also clear that a parent accessing a camera will of course also be able to see other children and parents in the space where
.....Read MoreThere have been many horror stories about internet connected baby monitors and security cams being accessed without the owner’s permission, so NurseryCam have certainly done the right thing by alerting their customers of this data breach and shutting down their servers as a precaution. Everyone whose details might have been compromised should swiftly reset their login details, while NurseryCam will work to solve the issue.
In general, the advice is not to configure any security cameras to be
.....Read MoreDot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
This breach shows the importance of acting speedily when any irregularities are spotted in a company’s systems. Thankfully this swift action has meant that the data was not used to cause any harm prior to the systems being taken down.
All businesses that work with children in some way have a duty of care to ensure that their online safety is maintained, and to keep sensitive data private and stored securely.
Simple steps can be put in place by any company that experiences a data breach to
.....Read MoreThis breach shows the importance of acting speedily when any irregularities are spotted in a company’s systems. Thankfully this swift action has meant that the data was not used to cause any harm prior to the systems being taken down.
All businesses that work with children in some way have a duty of care to ensure that their online safety is maintained, and to keep sensitive data private and stored securely.
Simple steps can be put in place by any company that experiences a data breach to ensure it doesn’t happen again. This includes ensuring full visibility of company endpoint devices and securing cloud networks to prevent unwanted access to customer data.
Having a company culture which prioritises cybersecurity and encourages business stakeholders to work regularly in partnership with IT and security professionals can also act as an effective preventative measure. When offering a service which involves holding sensitive data related to vulnerable people, such as children, having adequate cyber defences in place is of the utmost importance.
Read LessLinkedin Message
@Simon Mullis, Director of Technical Account Management, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Simple steps can be put in place by any company that experiences a data breach to ensure it doesn’t happen again...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/parents-alerted-to-nurserycam-security-breach-experts-comments
Facebook Message
@Simon Mullis, Director of Technical Account Management, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Simple steps can be put in place by any company that experiences a data breach to ensure it doesn’t happen again...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/parents-alerted-to-nurserycam-security-breach-experts-comments