Icarus and the memory stick

The number of high profile data losses as the result of misplaced portable memory is increasing at an alarming rate. This was demonstrated last month when a memory stick containing sensitive information about police operations was stolen from a Police Officer's home in Oldham. Although faced with public outrage Oldham police have handled the situation admirably, by honestly admitting guilt and promising to look at procedures within the department.

Even more recently a medical student who copied the private data of 87 patients onto a memory stick and then lost it, has landed the University Hospital of South Manchester in trouble with the Information Commissioner’s Office (ICO).

Cyber threats like these are on the increase and, in particular, the loss of information stored on portable memory devices is rife. The disappointment for me is that the specialist technology already exists to stop this happening. However, organisations handling crucial data persist in trying to get by with password protected versions of consumer memory devices.

It reminds me of the legend of Icarus flying too close to the sun. Icarus’ father used wax and feathers to create wings - the wrong tools for the job. In the same way, data owners persist in using devices intended for storing photos and Word documents to handle confidential data. Icarus’ Father, aware of the limitations of his chosen materials, told Icarus to stay away from the sun. Similarly, when equipping their staff with the wrong memory devices, organisations give them advice they know will not be followed, “always password protect and keep the device safe”.

Specialist memory devices, that don’t require further password protection, should become the norm for any Government officials handling sensitive data or individuals’ personal information. Cyber threats, as well as people’s safety should be at the core of police concerns and in order to protect businesses and the public, the issue needs to be addressed at regulatory level.

Don’t make your bricks out of ice

The recent high profile data security problems we have witnessed in the UK have highlighted the issues involved in using high street consumer memory products in engineering applications. When building a house, we don’t use ice as the construction material; we go for bricks and mortar which will stand the test of time. Similarly, when selecting components for a new device we should choose those with a healthy lifespan, which will not ‘melt away’ before the product comes to market.

Each time I hear that a CD, USB memory stick or camera card full of customer data goes missing, I think about how easy it is to avoid the loss by choosing fit for purpose product. Equally, every time I encounter an application in which an industrial device is brought to market containing a consumer memory product, it makes me think of the inevitable re-design when the memory product ceases to be manufactured. 

Moore’s Law makes it inevitable that this re-design will happen every time. While, the use of USB sticks shows an admirably intuitive approach to design, using products out of context will not produce an adequate outcome. The only way to get the right result is to choose a memory product that is specifically produced to meet the needs of the engineering designer. There are available on the market. It isn’t their availability that is the problem, but rather a lack of awareness of their existence in the engineering design community. Perhaps it’s time for steps to be taken to spread this awareness amongst design students, so that the next generation of engineers makes fewer mistakes?