Credit monitoring as most popular offset against data breach
The Public School and Education Employee Retirement Systems of Missouri has been facing the consequences of the recent information security incident which had occurred on September 11.
The corporate email account of the employee was accessed by an unauthorised third party.
More than 128,000 working individuals and 100,000 of those who are retired are covered by the program which is now assessing how many people have had their data compromised. Everyone is being notified.
According to the organisation, the violator didn’t have time to access the internal operating systems. The people the data of whom could have been exposed, received letters with activation codes for a two-year membership in a credit monitoring service.
Also, the Department of Elementary and Secondary Education of Missouri has been recently affected due to the deficiency in the official website of the organisation. Teacher certifications and credentials could be found and viewed by anyone surfing the Internet. The flaw was in the website programming, and the unsecured pages were removed temporarily.
The trickiness of the situation is that the Gov. Mike Parson attacked the Post-Dispatch newspaper for reporting the weak spot. Instead of admitting the paper’s help in revealing the problem, he accused it in a hack and is now willing it to be sued.
Offering free credit monitoring support is common practice for many businesses and institutions to help deal with the incident or at least ensure further safety of a customer or a citizen in case of a governmental organisation.
Once again the specialists, namely Nicole Galloway, auditor, appeals to superiors’ competence and rationality, reminding of what can ensue from the lack of information security instruments and a risk management plan. This is especially true for government institutions as they still don’t admit the severity of data breach consequences. She emphasises that these institutions risk mainly taxpayers’ finance, whereas businesses are much better equipped as far as any breach affects the resources of an owner. There are guidelines for every organisation there, and they are the same, thus they demand the same attention.
Another issue was brought up again. Many former employees still have active accounts and can access the internal systems of their previous workplace due to poor security measures and scarce understanding of how promptly the inactive accounts should be removed.
Data management, old passwords, backup and recovery issues are mentioned among the other problems which still require immediate focus on.
Learn more about the solution which saves your time and money giving you the complete toolset you can find purchasing a full-fledged monitoring software