The UK Information Commissioner is to be given sweeping new powers to fine those in Whitehall and private companies who deliberately or recklessly lose confidential personal information, Jack Straw, the justice secretary, disclosed yesterday.
The level of fines, which is still being negotiated, could in the worst cases run to millions of pounds.

Straw is also considering a ban on the sale of information from the electoral register, after more than 1,600 complaints to the information commissioner about the online misuse of people's details. They included a police officer whose family's name and address, along with a map to their house, appeared on a website, along with details of somebody who had been a victim of identity fraud.

Richard Thomas, the Information Commissioner, has said the ready availability of so much personal information is a threat to privacy, and sometimes to security.

The Pentagon has banned introduced a ban on USB flash drives and other portable devices due to a virus threat to Defense Department networks in the US.

While the bank has not been publicly acknowledged, messages were apparently sent to department employees informing them of the new restrictions. Under the new rules, USB drives that had been issued to staff or purchased privately are being collected from their owners.

According to reports, there is no news on how long the ban will last.

Perhaps defense IT specialists would be interested to learn that solutions exist to prevent unwanted content from USB sticks getting onto the corporate network or - perhaps even more importantly - being used to copy sensitive material from the network?!

Nearly four out of five people in Britain don't trust the organizations that hold their personal data to keep it safe. Of more than 1,600 individuals questioned, some 89 percent believed that reckless data security breaches should be a criminal offense. The majority of respondents felt that those guilty of avoidable data security breaches should be imprisoned.

93 percent of those surveyed said they would not be willing to give their personal data to an organization that had already reported a previous security breach.

UK newspaper, the Daily Mail, has revealed that a police officer in the West Midlands has lost a 4GB memory stick reported containing top-secret information on terror suspects. The device was lost when the officer took the device on patrol.

At least one property has been raided in the search for the lost USB stick, but so far it has not been found.

Although police would not confirm it, the newspaper believes the device held information on a number of suspected terrorist cells being monitored by police.

There is no word - and hence nothing to suggest that the data held on the USB was encrypted, meaning that anyone who now has the device has access to some potentially highly-sensitive data. The security breach is serious enough that the UK Home Secretary, Jacqui Smith has been informed.

This is yet another high-profile example of how allowing sensitive data to be copied to inherently insecure devices, with no security precautions, can be a seriously risky practice.

New research announced this week revealed that 88 percent of IT Administrators would have no problems stealing confidential information from their employer's network if they were fired. And with these employees privy to all areas of the network, one can only imagine the kinds of data they could easily lay their hands on...

While the company that sponsored the research believes this is a good reason to change passwords on a regular basis, WatchYourEnd also strongly recommends organizations invest in technologies that can be used to stop the unauthorized copying of data from the network to portable storage devices such as USB sticks, MP3 players and even CDs or DVDs.

Of the 300 IT Administrators surveyed, only 12 percent claimed they wouldn't dream of helping themselves to company data.