• Article
  • Print
  • Send to a friend
  • Comment (0)
  •  
Ernie Sherman
Member since June 4, 2012

Recent Comments

Fuelled Networks

[Professional Blog] Elections Ontario Lost Data – Fails To Safeguard Personal Data

Published on August 16, 2012

Human error is arguably one of the biggest threats to any company’s or organization’s security. Nothing drives that point home more strongly than a data storage mishap involving Ontario voters.

The personal information of 2.4 million Ontarians disappeared when two Elections Ontario employees lost two USB data keys on which the information was stored. To make matters worse, the data was neither encrypted nor password protected, and the employees, apparently, didn’t keep the USB data keys in a locked drawer, cabinet or box. To add further insult to injury, Ontario’s chief election’s officer Greg Essensa knew in April 2012 that the data keys had been lost but waited until July 2012 to publicly announce the breach.

Even if the information is backed up somewhere else and fully recoverable, it doesn’t change the fact that 2.4 million Ontario voters have their names, addresses, birthdates, genders and whether or not they voted in the previous election on those USB data keys. For an identity thief, those lost data keys provide a smorgasbord of source data.

A similar breach occurred in Durham, Ontario in 2009 when a USB data key with the health information of 84,000 patients was swiped from a health clinic.

You can almost hear the cloud advocates saying, “If those records had been stored in the cloud,” this never could have happened. It doesn’t help that they’re absolutely right. Yes, networks get hacked, but let’s face it. Human error is far more common. There are considerably more basically honest people who make disastrous mistakes like the one made by Elections Ontario’s, now, former employees than there are mischievous or malicious hackers.

As Ontario Privacy Commissioner Ann Cavoukian said after the 2009 health clinic breach, “No personal … information should be transported on mobile devices, unless the information is encrypted.”

A lot of people are worrying about who should be held accountable. The two employees who lost the USB data keys no longer work for Elections Ontario. That risk, at least, has been minimized. The next step is to devise a way to prevent such a disaster from happening again, not cast about for more people to blame.

The biggest lesson that all business leaders can learn from this is the importance of not only establishing strict policies for protecting sensitive company and client information but also teaching employees how to adhere to those policies automatically.

Implementing some kind of cloud solution probably wouldn’t hurt either. What if the USB data keys had been encrypted and locked in a drawer in the Elections Ontario headquarters? Now, let’s say that headquarters got destroyed by fire or an explosion. Would that information have been any less lost than it is now? It might have been safer; as of July 2012, no one has any idea who may have taken the USB data keys.

Elections Ontario has a lot of work to do in the coming weeks. It would be ideal if by some miracle, it turned out that the USB data keys were picked up by someone who had a legitimate need for the information stored on those keys. Since the odds against that are astronomical, now would be a good time for Elections Ontario officials to add finding a better way to store voter data to their list of things to do.

Always an IT guy, Ernie Sherman has been fulfilling the needs of Ottawa small businesses as a member of the Fuelled Networks, Ltd. (formerly Harris Computer Services) team since joining the company in 1998.

Sherman’s commitment to excellence is evident in his achievements and memberships. From 2007 to 2012, he was a member of the advisory council for SonicWALL. He’s been a member of the business executive peer group organization HTG since 2008 and won the Microsoft Impact Award in 2011. In 2003, Sherman was honored to be named  Ottawa’s 40 under 40 winner. He is a Microsoft Gold Partner who also sat on the board of IAMCP Canada.

Sherman also enjoys giving back to the community and currently serves on the board of It’s A New Day Golf Tournament, which has so far raised more than $1.2 million for the Ottawa Hospital Foundation.

Ernie Sherman is president of Fuelled Networks and can be reached at ernies@fuellednetworks.com or visit the Fuelled Networks website at www.fuellednetworks.com

Submit a comment

Submit a comment (we keep all emails private)
Agreement

We ask that users remain courteous. You may not post insulting, discriminatory or inappropriate content, which may be removed at our discretion. We are not responsible for user content and opinions. Use of this site as well as content submission & ownership are governed by our Conditions of Use and Privacy Policy.

Member organizations should be non-profit in nature, and promote legal activities. Any organization found promoting illegal activities or commercial products or services will be deleted from the site.

I agree with these conditions.

Notice
The management of this site indicates that it is not liable for persons, organizations and / or organizations to register in order to promote and make themselves known. Moreover, the managers of this site should not be held responsible for errors or other errors that slip inside information recorded under this heading.

More

Advertising

SmartEdition logo smart

Expert bloggers

Equitas Consultants Inc.
Blogger
Ron Prehogan
Family Business Longevity: The...
Design 1st
Blogger
Kevin J. Bailey
The Backyard Inventor's Maze:
Impact Public Affairs
Blogger
Huw Williams
How to be a PR Star!

More bloggers here

CASE STUDY VIDEOS

An investment in yourself
LC Fitness Studio

No surprises, no upselling
RE/MAX Citywide Realty

Are you ready for the unexpected?
TK Financial Group

Newsletter

Please enter your email to receive our free newsletter

Subscribe to news alerts

Advertising