Even the best physical security measures for data can fail, as evidenced by a California mishap this week. Personal data about more than half a million individuals involved in the state's child support system have been compromised. The personal information in question includes not just names and addresses of children and adults involved in the system, but also Social Security numbers, California identification or driver's license numbers, and even information that relates to health insurance policies held by the individuals.
The data was lost when four cartridges shipped from Colorado to California were lost in transit. The cartridges had been shipped to Colorado in the first place in order to test that proper disaster recovery could be performed if a natural disaster such as an earthquake disrupted normal computer operations in the Golden State.
Kathleen Hrepich, who serves the California Department of Child Support Services as an interim director, downplayed fears that the lost data would pose a problem: "Because the devices are in a specialized format, we have no reason to believe, at this time, that the data have been accessed or utilized in any way."
While that may provide some solace for individuals that worry their data may have been compromised, those same individuals would rest easier if they could be assured that their information had been encrypted as well. Many small and medium businesses find that adopting a managed programs approach to IT solutions is helpful in this regard, as visiting staff can install and maintain encryption systems that will keep data highly secured even if it is lost in physical form.