How to Avoid Sensitive Data Security Snafus

How to Avoid Security Snafus with Sensitive Data and Top Secret Information

Documents marked “Official Use Only” usually trigger the utmost caution in storage and loss prevention. In the case of one, however, a hard copy document from the Department of Homeland Security was left in the seat back pocket of a commercial airplane. The document described how the US Government planned to respond to a simulated anthrax attack on the Super Bowl. In addition to the response plan, the document pointed out critical weaknesses and gaps in security. Had it reached the wrong hands, the results could have been tragic.

Another emergency management employee in Hawaii left similarly sensitive information visible to the public. In a now viral photo, a Hawaii Emergency Management Agency employee is pictured in front of his computer screen. To the lower left of the screen is a post-it with the password to the emergency management message system visible. It’s not clear whether this breach was directly related to the false alarm for a missile attack in January 2018, but it certainly could have been.

It’s a necessary challenge that large-scale endeavors or companies require that data passes through the hands of multiple people. One weak link in the chain of security can result in compromising an entire project. In the process of building a cloud-based component of an app that would distribute intelligence for the Army, one contractor inadvertently posted “Top Secret” files on a public server. While the lure of cloud-bases services for collaboration is clear, security can’t be sacrificed.

Categories: Data Loss Prevention, What's Trending


Storing Sensitive Data in the Cloud

Government officials aren’t the only employees who have made critical errors in storing important data. Uber stores database key on public page: Uber’s databases hold a wealth of sensitive information, including the travel logs of celebrities, journalists, and other high profile people. Financial information for both drivers and customers are also stored within Uber’s files. Undoing this error was no easy task. Uber filed a lawsuit to find out who had accessed the database on the public GitHub page.

FedEx also left data unprotected for up to three years: Private information like passports, drivers’ licenses, and security clearances were apparently accidentally stored on a public Amazon server for up to three years before being discovered and protected.

A Solution to Security Snafus

The solution to these security snafus is relatively straightforward. Sensitive, classified, or top secret data should never be stored in a public place. A public place can be either a physical or virtual environment. Whenever possible, hard copy documents aren’t the most secure option for distribution. SecureDrive offers a new standard in hardware encrypted data storage. Its military grade 256-bit encryption pairs security with durability. Even if the drive is lost, security features bar access so data can’t be compromised. To learn more, watch a demo, or request an evaluation, visit our SecureDrive page.