Centene Corporation looses hard drives that contained PHI!


Centene reported that hard drives located in their data center have been removed and can not be located. Their decision to not encrypt their external drives makes us nervous because they did not account for internal theft or attacks. While storing data in the data center is physically secured from an outside threat, the control does not account for internal threats, meaning monitoring employees that are allowed to access the datacenter.

Centene requires an information security management program that focuses on thinking outside the normal. CCTV is another physical control that should have been deployed and would have aided the insurer in locating the missing drives and identified who removed them from the datacenter.

Please contact us for more information!


Featured Posts
Recent Posts
Archive
Search By Tags
No tags yet.
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
  • Facebook
  • LinkedIn Social Icon
  • YouTube Social  Icon
  • Twitter Social Icon

CREDENTIALS

 

_MS, Information Security

_CISSP

_CCIE Security

_Certified Information Privacy Profesional (CIPP/US)

_Cisco Intrusion Prevention Specialist 

_CNSS

_FBI InfraGard

 

The Knox Corps. All Rights Reserved.