The Cost of Data Loss

Earlier this month I wrote a blog about it being ‘A new year, same mistakes.’ Little did I know that things would continue to snowball with more data breaches – specifically in Canada – happening as a result of unsecured removable media. 

I’m not here to chastise the Canadian Government agencies about how they manage data, but the most recent developments of the Canada Student Loan data loss, brings to light the risks associated with not securing data; specifically, the external financial risks of such a loss.

Last week it was announced that two class-action lawsuits are being filed against the Government over the loss of the more than 500,000 student loan records. When I typically present to customers and partners, we talk about the risks of data loss and theft and regularly explain that it’s more than just the cost of the device and the information contained there’s much more at risk when data isn’t properly protected.

These class action lawsuits are a prime example. Right now a removable hard drive, that could cost as little at $50 to replace, went missing. The loss of that device now will include the cost of an internal government investigation, a RCMP investigation, time spent to reach out to all affected people and more. That’s just the immediate cost to the Government. This doesn’t count the damage to the reputation of the Human Resources and Skills Development Canada and now two separate lawsuits that the Government will likely incur legal costs for and potential damage claims as a result.

The fallout could cost the Government a few thousand dollars or a few million depending on how things turn out. This is all happening because one hard drive was lost and the data wasn’t encrypted. If the data were encrypted, the government could say that despite the loss, the data remained secure and there is no risk to the public.

We’ve talked about the total cost of data encryption constantly over the past year and we’ve worked to demonstrate the main businesses costs associated with it. The toughest part to quantify is the outside costs associated with data breaches. These can increase exponentially depending on the information lost and the scope of that information. In this instance, ultimately, the taxpayer will end up footing the bill for the mistake.

However, if you’re a business and this were to happen to you, could you afford to deal with the fallout? The question businesses – and any organization that manages this kind of data – need to consider is whether or not it’s worth the risk of not encrypting and securing data. In every case, the answer should be no.

I’ve said it before and I’ll say it again, the costs that could be incurred as a result of a data breach far outweigh the cost to deploy a data encryption and security solution.

Previous Post
What kind of encryption is best for you?
Next Post
What’s your P@ssw0rd?

Related Posts

SC eConference Data Security

WinMagic will be exhibiting at the SC World Congress (SCWC) eConference on Data Security on Tuesday, September 24, 2013! SCWC hosts virtual conferences each month focusing on challenges that IT security professionals encounter frequently in their roles. SC Magazine is…
Read more

Oh, so you stop hackers and stuff?

What I’d like touch on today with this post is a common misconception about data encryption and security. When I tell people who I work for and what we do, many people assume what we do is protect people from…
Read more

Talkin’ to Government

Today marks our first day at FOSE – the annual conference for government technology professionals. In today’s increasingly security-sensitive environment, this conference should provide some good insights as to what’s on the mind of folks working in government and how…
Read more

Making the Case for Data Encryption

In August, we released the results of a survey we did with the Ponemon Institute where we examined the Total Cost of Ownership (TCO) for data encryption. To make this information even clearer, we’ve now created a handy, easy to…

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.