We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Marks & Spencer ordered to encrypt all laptop hard drives

Marks & Spencer ordered to encrypt all laptop hard drives

Retailer's embarassment over laptop theft should be warning to us all

Article comments

Marks & Spencer has been given two months to encrypt all its laptop hard drives.

The order, from the Information Commissioner's Office (ICO), follows the theft of an unencrypted laptop which contained the personal information of 26,000 M&S employees.

The laptop contained details of the pension arrangements of M&S employees and was stolen from the home of an M&S contractor.

“In light of the nature of the information contained on the laptop, it is the ICO’s view that M&S should have had appropriate encryption measures in place to keep the data secure, the commissioner’s office said.

The ICO has issued M&S with an enforcement notice which orders the company to ensure that all laptop hard drives are fully encrypted by April. Failure to comply with the notice is a criminal offence and may result in the ICO taking further action against the company.

Mick Gorrill, assistant commissioner at the ICO, said: "It is essential that before a company allows personal information to leave its premises on a laptop there are adequate security procedures in place to protect personal information, for example, password protection and encryption.

“The ICO has issued clear guidance to help employers understand their obligations under the Data Protection Act.”

Responding to the loss of 25 million child benefit records last year, Gordon Brown announced that the ICO would be given increased powers to conduct spot-checks of government departments. The information commissioner wants these powers to be extended to cover all public bodies and private sector organisations.

Now read:

MoD admits 600,000 records go AWOL

HMRC data breach: the full story

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *