What's The S In TSA Stand For?
from the dropping-the-ball dept
About 1200 former employees of the Transportation Security Administration have been notified they're the latest victims of a government data leak, after a contractor sent them documents featuring other ex-employees' personal information. This isn't the first time a federal contractor has lost personal data: the VA's second data loss of the summer happened when a desktop computer was stolen from another contractor, while vendors and consultants have a healthy track record of losing private-sector data too. While awareness of the importance of internal security procedures to protect data may be on the rise, the spate of data leaks by third parties doesn't seem to be slowing down. A company can exert a decent amount of control over the security of its own systems, and dictate employee behavior, to ensure that data is properly secured, but when that data is given to third-party vendors and service providers, security is out of its hands. Perhaps because companies can pass the blame onto these third parties, they don't put the same emphasis on their security procedures as they do their own internal systems. But the fact of the matter is that consumers don't really care who's to blame, and are likely to hold the company they deal with at fault. If more people ditch companies who leak their data, even if a third-party vendor is to blame, businesses will start taking the security of those vendors more seriously. Of course, the federal government doesn't really have to worry about people ditching it for a competitor, so perhaps some other form of motivation is in order.