Assign Blame

Recently, my bank notified me about some of its sensitive customer data getting "lost" in transit. It had fallen out of the truck! Evidently, an employee hadn't properly shut the door.

When the story hit the paper, bank personnel and the police were reported as saying no one was to blame--mistakes happen. Wrong, wrong, wrong.

Someone is responsible for information loss. Failing to develop, implement and oversee sound security practices is tantamount to building a bank with no door or vault locks. Nonadherence to security policies is no different from leaving the door unlocked and the alarm off. Hey, why not just invite the thief in? Better yet, why not pile the money outside the front door and save him the effort?

Granted, the threat of customers taking their business elsewhere is a powerful incentive for companies to keep personal data more secure. However, it is usually people, not systems, practices or policies, that fall short. Failure to hold those individuals accountable for their negligent handling of private data serves only the ineffective employees.

From "I got hurt breaking into your house" to "I put the hot cup of coffee between my legs, but it's your fault and I'm going to sue," we've apparently lost the belief in personal responsibility.

