Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• June 2011
• May 2011
• April 2011
• March 2011
• January 2011
• December 2010
• November 2010
• October 2010
• September 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

University of Miami given Failing Grades for Data Security - April 20, 2008

The Universities of Miami and Virginia acknowledge lost data on stolen tapes and laptops

The University of Miami and the University of Virginia are the two latest organizations to be rocked by data breaches after the theft of sensitive data affecting tens of thousands of people. 

Miami Florida - Details of the University of Miami’s security snafu are starting to emerge after officials confirmed yesterday the theft of backup tapes containing medical data and Social Security numbers on some 47,000 people. 

In a statement released Thursday, the university explained that the theft occurred when a case of tapes was stolen from a vehicle in downtown Coral Gables. The vehicle had been contracted by a “private off-site storage company," though officials but did not reveal the identity of the firm involved.

Anyone who has been a patient of a University of Miami physician or visited one of the university’s medical facilities since Jan. 1, 1999, is likely to be included on the tapes, according to officials.

Information contained on the stolen media includes names, addresses, Social Security numbers, health information, and, in some cases, credit card and financial data.

”We felt that in the best interest of the physician-patient relationship, we should be transparent in this matter,” said Pascal Goldschmidt, dean of the University of Miami’s Miller School of Medicine, in a statement, adding that he is confident that patients’ data is safe.

The tapes were written in a “complex and proprietary format," making it unlikely that a thief could access the data, according to the university. When the theft occurred last month, officials also brought in security specialist Terremark to work out whether data could be accessed from a similar set of backup tapes.

”Because of the highly proprietary compression and encoding used in writing the tapes, we were unable to extract any usable data,” said Christopher Day, senior VP of Terremark’s Secure Information Services group, in a statement. 

At least one Security Consultant Brian McCarthy of Sencilo Solutions disagrees, "Mr. Day is flat at not telling the truth, the backup software is a free download via Symantec, as for the hardware I'd suggest he visit E-Bay to place a bid for a LTO tape reader".  What Mr. Day should of been doing is recommending encryption technologies to his client, rather then filling them with false promises of security, states McCarthy.  The only way to guarantee that the data is protected is to use encryption, say Mr. McCarthy. 

Law enforcement agencies are currently investigating the theft, although Miami is not the only university dealing with the consequences of stolen data.

The University of Virginia also hit the headlines this week following the theft of a laptop from one of its employees. The laptop contained information on more than 7,000 staff, students, and faculty, according to media reports.

Local Charlottesville newspaper The Daily Progress reports that the laptop, which contained a file with names and Social Security numbers, was stolen from an undisclosed location in Albemarle County.

This is not the first time that the University of Virginia has been struck by a data breach.

Last year a hacker broke into the university’s network and accessed the records of 5,735 faculty members, prompting the school to call in the FBI to work on the case alongside the university police and its IT workers.

The University of Virginia did not respond to Byte and Switch’s requests for comment on the stolen laptop, although the local Albemarle County Police Department is said to be investigating the theft.

Research released today by analyst firm AMI Partners reveals the staggering scale of data breaches experienced by U.S. firms, with up to 86 percent of medium-sized American businesses reporting some form of security breach or data loss in the last 12 months.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing