The Office of Inadequate Security recently reported a major data breach at East Devon District Council where the personal data of almost 2,000 council workers was leaked. The incident happened when a former manager of the council sent the data in an excel file to a private email address.

The council says the incident was “unauthorised” and affects 1,891 staff, councillors, employees of Leisure East Devon and pensioners formerly employed at the council. This is a situation that could have been prevented using both Data Leak Prevention (DLP) and Enterprise Rights Management (ERM).

DLP will detect personal details like data of birth, salary, national insurance number or social security number and prevent unauthorised copying to external media or to email. Where copying is authorised, ERM will automatically protect documents that contain sensitive or confidential data.

In the UK government bodies and agencies are still lagging behind when it comes to using these technologies to prevent data breaches and will do well to consider the benefit of using these tools to help staff to stay on the right side of the law.