It is not often a television advert makes me sit up, take notice and shout “No!….” at the box in the corner. One did recently, and perhaps it says as much about me and my long learned approach to data security.
Over the past three years or so, our company has introduced a rigorous and robust approach to data security and information management. This has culminated in us being one of the very few pension companies to have obtained ISO 27001:2005 accreditation and recently being (we think) the first in our industry to obtain the updated ISO 27001:2013 certification. Is has taken time, significant investment and the buy-in of all staff to engrain the proper processes and procedures into our day to day work. It is something we are very proud of. Among the many requirements are:
- Ensuring password protection of personal data being sent to external parties;
- The enforcement of “complex” passwords for all staff logging in to our systems;
- Clear-desk policy (not easy); and
- The proper disposal of confidential waste.
Now, take a look at Nat West’s recent “Goodbye unfair banking, Hello NatWest” advert. Skip past the tired parents waving goodbye to the unruly young party guests, the elderly couple waving off their raucous rock band neighbours, the father waving away his daughter’s bad-boy boyfriend and the lucky couple waving off the torrential rain on their way to a sunshine holiday. The culmination of the advert is your typical “man in the street” rifling through a number of “tempting” new customer offers that have been sent to him by “other banks” in the post. He pauses for thought, tosses the offer letters in the bin and wanders smiling into a shiny local NatWest branch.
“No. What are you doing?” I think to myself. You’ve just thrown a goldmine of personal information into a public dustbin. Are you mad? Address information on the outside, possibly further personal data on the inside. Take them home, shred them! Read more »