Importance of PCI DSS compliance highlighted as UK police force fined for poor data encryption

The UK Information Commissioner 150,000 (AUS$233,515) after a data breach relating to an unencrypted memory stick.

The stick, which contained the sensitive personal information of more than 1,000 people under investigation for serious criminal actions, was stolen from a police offers home in July 2011.

said ICO director of data protection David Smith in a statement issued October 16.

In a news release regarding the incident, the ICO alleged that a number of officers have been found to be regularly using unencrypted memory sticks.

The ICO goes on to say that it believes the Greater Manchester Police staff have not been sufficiently trained in protecting personal data, despite a similar event which occurred in September 2010.

The incident highlights the importance of taking due care to protect any personal information being stored by an organisation, as it reveals just how easily this data could potentially fall into the wrong hands.

Any retailer concerned about the way it is handling personal customer information needs to ensure it is complying fully with the Payment Card Industry Data Security Standard (PCI DSS).

The PCI DSS is a set of strict best practice guidelines laid down by several of the world s leading payment card providers, and any business which accepts debit or credit card information must be in full compliance with these standards.

Requirement three of the PCI DSS involves the adequate protection of stored cardholder data, and mandates that strong cryptography be used in order to render any customer information unreadable.

Mr Smith went on to highlight the fact that had correct encryption procedures been used regarding the memory stick in question, this entire incident could have been avoided.

said Mr Smith.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s