resource center
  See your link here
|
Computerworld - An Ohio state official must surrender about a week of future vacation time as punishment for not ensuring the security of personal data stored on a stolen backup tape holding Social Security and other personal data. The tape was pilfered in June from the car of an intern responsible for carrying data used by the Ohio state government's computer systems.
Jerry Miller, payroll team leader for the Ohio Department of Administrative Services' Administrative Knowledge System (OAKS) ERP project, was informed of the decision by department officials on Sep. 26, said Ron Sylvester, a spokesman for DAS. Miller accepted the penalty, Sylvester said.
Sylvester described Miller as a "stellar longtime DAS employee" and said he has been forthright in acknowledging his role in the "management glitch" pertaining to the stolen backup tape.
Last month, the state announced that an investigation by computer forensics experts at Interhack Corp. in Columbus, Ohio, had determined that the missing tape contained data on all 64,467 state employees, 19,388 former employees and 47,245 Ohio taxpayers.
The data breach is expected to cost the state upwards of $3 million.
Though the administrative services unit was responsible for the data, Sylvester said the tape was handled by a number of people from other state agencies.
"Part of the problem is [the data] was outside of any one single person's hands. There were people who were not full-time tasked to OAKS who were coming in from agencies doing data migration and testing and introducing data on the drive," said Sylvester. "We believe we had some contractors who continued to introduce data on the drive.
"One lesson that the state learned is that we need to throw more resources at security and privacy when we have an issue like that," he added
A third party brought in from Ohio's Office of Collective Bargaining investigated the incident and recommended the penalty, Sylvester said.
"The next time the state takes on a project of this scope, we're going to have people on the job whose major responsibility is just data security," he added.
Related News and Discussion:
Data Protection is not an insurance policy -you cannot buy-back lost data
Find out why you need to maintain access to critical information to run your business and remain competitive.
Essential Archive Requirements for E-Discovery
Register Now!
Strategic ECM Webinar
Learn what new strategic business benefits can be realized through ECM!
CIO Strategies for the Retention and Deletion of Email
Register Now!
Rethinking Business Continuity and High Availability in Storage - HP and Forrester Pre-Recorded Webcast
Download it.
CIO Viewpoints: Exchange 2007 Risks and Mitigation Strategies
Download This Whitepaper Today!
5 Architecture Issues that Impact BES performance
Register to attend this LIVE Webinar to learn 5 Architecture Issues that Impact BES performance!
The Power/Density Paradox: The Result of High Density without Power Efficiency
Download this brief to explore what the power/density paradox is and how IT professionals can mitigate the risk.
Four Principles for Reducing Storage TCO
View cost reduction strategies in this video! Provided by Hitachi Data Systems.
Sign up to receive updates on the latest Storage resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
