tmaliyil
This is the member profile section for tmaliyil, which includes a list of articles this member has been posting across the Zimbio network.
Email Attachment Encryption: Kentucky Retiree Data Makes The News. Why?
There is a story at the courier-journal.com that, on the surface, doesn't make any sense. The names, dates of birth, and Social Security numbers of 28,000 Kentucky state retirees were sent via e-mail to the correct person.
Why is this news? Because the attachment in the e-mail was not encrypted using a document encryption program like AlertBoot endpoint security.
Walgreens Admits Mistake
The story surfaced when Walgreens Health Initiative--the pharmacy benefit management arm of Walgreen, the drugstore giant--sent a letter to the affected parties saying that there is a remote possibility their records were accessible while being transmitted.
The letter was sent to a "single and proper" contact at Kentucky Retirement Systems who confirmed receipt of the e-mail. I take it this means the person who should have received the e-mail did receive it. So far so good.
So...Where's the Mistake?
The mistake is not apparent on the surface. Just like regular snail-mail can be tampered with, leaving no trace of manipulation--steaming an envelope to open it; reading the contents; and sealing it again--e-mail can be tampered with as well.
Except, electronic mail is kind of designed to be tampered with. I gave an explanation previously, when I covered how easy it is to use e-mail attachment encryption, and why it's needed when sending sensitive documents via e-mail.
Briefly put, e-mail is similar to a postcard in real life, not a sealed letter. Now, ask yourself, would you mail your SSN and other personal information on a postcard? Would you feel outrage if a company sent a list of SSNs?
Most people don't when it comes to e-mail, though. This is probably because most people don't understand how e-mail is delivered, a topic that is as exciting as learning how butter is made (which, actually, is pretty interesting. Big Discovery Channel fan).
If you've got attachments with sensitive information, you want to encrypt them before e-mailing them. If not...chances are, nothing will happen. But then, chances are your laptop will not get stolen. (I, for one, know more people who've never had their laptops stolen than people who have experienced laptop theft.)
But laptops get stolen every day, right? You shouldn't confuse little risk with "no risk."
Related Articles:
http://www.courier-journal.com/article/20090318/NEWS01/90318044/1008
http://datalossdb.org/archives/1840/2774/index.txt
 |
Stars Remember Whitney Houston |
 |
Jay-Z and Beyoncé Share First Photos of Daughter Blue Ivy Carter
These two made a beautiful baby. Check out all five photos inside!
|
 |
How to Talk to Girls About Reality TV |
