Few cities are as iconic and elicit so many symbols as Las Vegas. The mere mention of its name conjures such imagery as flashing, glittery lights along the Strip, the electronic chorus of slot machines against an ovation from the craps tables, and risqué costumes alongside a steady stream of cocktail waitresses on the casino floors.

Las Vegas has rightfully earned its moniker, Sin City. This escapist paradise in the Mojave Desert has long been a favorite destination for tourists who come to try their luck—or just to indulge in the city’s plethora of leisure activities. Las Vegas has something for any traveler.

However, when caught up in the city’s virtually unending supply of attractions, it can be difficult to remember that Clark County is home to a thriving metropolis that many call home. Beyond the resorts and gambling houses, the communities of the Las Vegas Valley rely on the same infrastructure—including the intangible—as any other major city.

While the city’s sprawling tourism industry may seem like the most obvious victim of a data breach, in two recent cases, a government agency and school district were affected. The victims in this case were residents of Clark County. Both suffered breaches in disparate ways.

High Stakes

One of the more peculiar data breaches occurred at the Clark County District Attorney’s Office, in particular its Family Support department. Surprisingly, however, this breach was not on account of a malicious cyberattack. In this instance, an employee emailed a Las Vegas resident, Matthew Winchell, an Excel spreadsheet with confidential information in September 2020.

Winchell emailed the agency about a new source of income to pay child support, but in response he received the spreadsheet with 383 names and Social Security numbers on it. The spreadsheet was neither password-protected nor encrypted. This embarrassing incident was a result of human error, but also revealed the department’s poor security policies.

Around the same time another county entity suffered a breach, albeit one in which it was a cybercriminal target: the Clark County School District. This August 2020 data breach involved ransomware and the criminals demanding the district to pay the ransom or have student and employee information published.

The ransomware group threatened to publish information in installments if it was not paid. Some of the information it obtained during the breach includes student information and grades, and both present and former employee details, such as Social Security numbers.

Safe Bets

Both organizations can look back now and see what went wrong, then create security policies for implementation to protect such data. This, however, is sure to be recurring news as data breaches—whether through negligence or malice, internal or external—become more commonplace. Rather than gamble on data security, any organization must load the dice when going up against greedy cybercriminals.

In the District Attorney’s Office case, there was poor protocol and no encryption of sensitive information. While it’s understood that human error just happens, limiting access to confidential information is an important step. Proper procedures should be put in place, as should adequate hardware and software solutions.

SecureGuard is a program that prevents unauthorized users from saving data to external devices, as it allows administrators to whitelist and blacklist devices inserted into USB ports. Furthermore, SecureDrive and SecureUSB are hardware-encrypted solutions that protect data in transit, or as an offline backup solution. The BT drives can be enhanced with Remote Management, which restricts when and where the devices can be used.

SecureDrive offers a virtual Vegas-style buffet of solutions that can be used in conjunction with each other to help provide a thorough data security system for any organization.

To learn more about building your complete data security solution today, contact a sales expert at 424-363-8535.

Comments are closed.