Came across this article on Vtdigger.org and thought it was a good reminder for us all:http://vtdigger.org/2012/10/24/vsecu-data-for-85000-customers-ends-up-in-landfill/
If there are 3 things to be learned from VSECU's misfortune it is...
- Maintaining and auditing a log or checkout systems for all moving parts within a financial istitution will help ensure that critical hardware does not fall between the cracks
- Encrypting a hard drive is the difference between having customer information out in the open market and a fancy paper weight (Assuming an encryption method is used that does not have known vulnerabilities AES 128 block, 192, 256 bit for example)
- While the first 2 lessons can be gigantic pain in the you know what; it will save your reputation from taking a significant hit
