Fraser Health Authority in British Columbia is the latest company to suffer an information security incident that could have been prevented. A laptop in their pulmonary function lab containing sensitive patient information was stolen resulting in 600 patients data being potentially compromised. Worse yet the laptop was not protected by encryption or password protected making the data readily available to the criminal.
- Do not store sensitive data on laptops if a more secure mechanism is available
- Utilize encryption when any sensitive data will reside on the machine and especially if you violate the rule listed above.
- Utilize cable locks for all computer equipment to add a dimension of physical security and theft deterrence.
- Implement audits to ensure compliance with any IT Security policies you have