Names, social security numbers, n and photos of more than 28,000 students and 4,000 staff members at George Mason Univeristy were stolen sometime between November 2004 and January 2, 2005.
According to the COmputrWorld report (print edition, January 17, 2005), the only reason we know abou tthis is an audit of system files uncovered it.
The University explained that they have 60,000 registered users and 25,000 servers, as if that would explain why it might be hard to maintain security. Huh?
All that does is underline the stupidity of putting unencrypted personal information onto the network. If you know you can't secure it, why did you put the data there?
The world needs to change this mindset of acceptance of error in the face of challenges. It doesn't matter how hard it is to secure a large network. What matters is security, and security requires you to refrain from placing your constituents at risk if you cannot protect them.
Comments