No classified data on misplaced USB stick: Defence

USB stick found on Qantas flight contained only public data, Defence claims

Tim Lohman (Computerworld)
14 March, 2011 09:56
Comments

Australia’s data loss prevention and encryption vendors will no doubt be salivating at the Defence’s confirmation that a USB stick allegedly found by a radio announcer on a Qantas flight does indeed contain Defence information.

See more security news

The confirmation follows the announcement by a 2GB Radio Sydney announcer on 10 March 2011 that he was in possession of the USB stick, which was claimed to contain Defence classified information.

In a statement, Defence said it collected the USB stick on the same day, and assessed whether it did contain classified information. “Initial analysis indicates that the device does contain Defence information, none of which is highly classified and some which is unclassified and available over the internet,” the statement reads.

Defence did not comment on whether the data contained on the stick was encrypted or able to be copied.

According to Defence, the memory stick’s owner had been identified as a former Defence member and current contractor.

“Defence takes any compromise of its information seriously, and the circumstances surrounding the loss of the thumb drive are being investigated,” the statement reads.

Intelligent Business Research Services (IBRS) advisor, James Turner, said while the claims to possessing unclassified information on the USB stick could be exaggerated, the situation did show the need for organisations to utilise encryption, rather than data loss prevention.

“I'm presuming that the contractor was entitled to access the information they had on the USB key so DLP would have wished him a cheery safe trip and done nothing to stop the data being ported on to a USB key,” he said.

“This is the same scenario that a number of our clients have been looking at and a common conclusion, and certainly one that I recommend, is enforcing USB encryption.

“Security should support the staff in what they are authorised to do and if that includes copying data onto a USB key and getting on a Qantas plane then so be it.”

The incident was a good reminder for other organisations to revisit security policies, examine how they would manage the loss of a USB stick and understand what sorts of data was presently on staff USB sticks, Turner said.

“For most organisations, I bet they wouldn't know [what is on staff USB sticks],” he said. “Partially because they wouldn't have sufficient logging to know where the data had moved and partially because the staff would be too embarrassed to report the loss internally."

Follow Tim Lohman on Twitter: @TLohman

Follow Computerworld Australia on Twitter: @ComputerworldAU

"Djinn, did you just skip the intro paragraph?"

Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
""5 Resons Why I Choose the GS4" is a better title, because ..."

Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
"It is much easier to become a manager in IT than it ..."

Solving the skills conundrum – part 1
"1. The HTC has a better low light camera and the lens ..."

Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
"as a teacher - you can't win - in a constantly changing ..."

High school students still see ICT as ‘sitting at a computer all day’: survey

Tags: defence, secuity, data loss prevention, encryption, USB sticks, end point security

Latest Blog Posts

Whitepapers

Tips Choosing a Cloud Service Provider
Because cloud is still a new and evolving business model, it can be argued that the decision to select a cloud service provider should be approached with even greater diligence than other IT decisions. Many providers use the same term to define very different services, “hybrid cloud” is one example, making it difficult to compare offers. This whitepaper will help enterprises evaluate their options in two critical areas: the cloud service portfolio and the service provider itself. Read now.

Learn more »
Power of Three: Building Mobile Initiatives Guided by Business Goals, Technology and Governance
The use of powerful mobile devices has become so widespread industry leaders in almost every sector have embraced mobility solutions as central elements of their IT and business operations. As mobile budgets grow, so does the influence of business units on mobility strategy. Read on.

Learn more »
Top 10 tips for Migration
As users bring multiple devices to the workplace, IT departments need to have a single view of all their mobile devices. Find out how to build a secure and reliable management platform for next generation mobile computing across multiple platforms. Click for more!

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Devising a Server Protection Strategy with Trend Micro

With so many Information Technology solutions available to choose from today, many organizations put their trust in the experience, insight and advice of Gartner, and their industry-leading analysts. Trend Micro’s ...

Recent comments

"Djinn, did you just skip the intro paragraph?"
Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
""5 Resons Why I Choose the GS4" is a better title, because ..."
Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
"It is much easier to become a manager in IT than it ..."
Solving the skills conundrum – part 1
"1. The HTC has a better low light camera and the lens ..."
Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
"as a teacher - you can't win - in a constantly changing ..."
High school students still see ICT as ‘sitting at a computer all day’: survey

Follow CIO

Market Place

Now out of the office never means out of the loop. Office 365 – your complete office in the cloud.

SolveXia’s key tips for CIOs seeking improved productivity through automation. Click here

Security 2013 Exhibition: 160 brands, new innovations, expert speakers & more, register now.

Deploying mobility worthwhile challenge hear what CIOs have to say.. Read more

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

No classified data on misplaced USB stick: Defence

Recommended

Does encryption really shield you from government's prying ...

Industry welcomes ICT education funding

With budget, NSW government leads Australia on ICT: ...

Debating the digital economy

Why the fuss about big data?

Homeless multinationals and taxing decisions

Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4

10 Tips for Dealing with a Bully Boss

5 open source help desk apps to watch

Australia suspected to have PRISM data: Ludlam

How to define the scope of a project

Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4

Solving the skills conundrum – part 1

Australia Post’s mail business to lose $200 million this year

Online shopping reaches mainstream status

Why Agile Isn't Working: Bringing Common Sense to Agile Principles

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

Devising a Server Protection Strategy with Trend Micro

Enterprise Mobility Management: Embracing BYOD Through Secure App and Data Delivery

Legal Compliance in Electronic Record Keeping

The IT Priorities for 2013

Forrester: The Three Stages of Cloud Economics