91Èȱ¬

When I worked at a university library when floppy disks were still in use, students left their disks inside the drive, on top of computers etc. Most of them weren't named or just had 'Assignment' written on them. I was given the job of checking if there were any files, of which 95% of them had the student's name on them.

With memory sticks, as they are small, there is no chance of putting names on.

On a similar note, my friend found a DVD with nothing written on it in the gym at work. Being a Saturday, there was no-one around and one of the conference rooms was unlocked. So we put in the DVD and it was of one of the senior manager doing it with a blonde woman!

We left the DVD in the player, so when the conference room was used, all someone had to do was to press 'on' on the remote....

I didn't find out if the senior manager was in the next conference in that room.

Where I work, we keep medical, social and personal data on our clients on memory sticks - with nice photographs to remind us what they look like.

And yes, our clients are especially vulnerable.

And yes again, we work for the government, and no-one in our management structure seems to give a damn about potential risk.

I've never lost a memory stick, but I have put one through the washing machine and tumble dryer. It survived to tell the tale!

Try as I might, I can't remember if I have misplaced an electronic memory receptacle or not. I did lose my cuneiform stylus once though.

Why do local government and government institutions allow their staff to save sensitive data on any form of removable drive, be it USB sticks, CDs, DVDs, external hard drives or any other (obsolete, yet still used) media.

I find it baffling also how the media pile blame onto the Westminster government for the poor operating practise of local councils or private, third party contractors. We cannot blame Gordon Brown for this (however much we may want to).

Memory sticks are like cigarette lighters. They disappear for a few weeks and then mysteriously reappear in the pocket of a pair of trousers that I'd checked 3 times already.

This is why I don't fret about not being able to locate one, cos I'm certain that one day, it'll just turn up as though nothing's amiss. Like my cat.

I find it very odd how the commercial world can manage with keeing it's data in central repositries that is then accessed by laptops rather than keeping the data on laptops themselves. Yes the public sector with all it's resources don't seem to be doing the same.

Very rarely would the company I work for ever commit any data to CDs, DVDs, laptops or memory stick (other than the regular backups which are kept locked up on site in a fireproofsafe). And as far as I am aware we have never transfered personal data like this.

Perhaps it's time that the busybodies at the local council got properly disciplined for lack of procedures.

i do know exactly where my stick is and whats on it . its all about filing and putting things away when you finished.for those who take work home with them , can i suggest that you take more care or email stuf to you email address then you have no need to take it with you to lose. unless you are robbed in the street no excuses please! we never had this preoblem as bad as it is now when we used pen and paper.

I work part-time in an academic library. The duty librarian's top desk drawer *always* has at least one memory stick in it! We just hope the assignment(s) are not overdue......

My company used to get details of credit card transactions on a CD. To protect the data it was encrypted. However this protection was somewhat nulllified by putting the decryption key on the CD, in plain text, in a file called PGP_key.txt.

Luckily none of the disks went astray.

I remember when at school I had all my GCSE coursework saved onto one floppy disc... which I left in a computer in the computer room! Much disarray as I tried in vain to re-type all my work (luckily I still had paper copies) to get it all finished on time, then some plucky seventh year handed it back to me one lunchtime two weeks later! he didnt know my name but I had drawn some doodle on the disc that matched a doodle on my bag and, as he remembered seeing me in the computer room that day (he'd been on holiday since) he handed it back to me :) aww bless ya gotta love kids eh?

I'll be amazed if there's any reader here who hasn't ever left a bag on a bus/train/taxi, or put something down and forgotten to pick it up, or at the very least had something small fall out of or get lifted from their pockets.

The problem is the geniuses who think it's some sort of good idea to copy three filing-cabinets-worth of sensitive data on to one small and easily lost/mislaid/pickpocketed USB stick. It's the same level of bright-idea as writing your address on your keyring - you KNOW it's going to get lost at some point, so don't do it!

Oh, and to answer the question, I've never lost anyone else's data, but I lost mine in style once - my bag containing my work ID, my purse and cards, my work keys, a few photos, and the multicoloured bag of condoms I'd just collected from the family planning clinic. Going to pick that up was not an experience I'm keen to repeat...

I agree it's pointless to blame the individuals concerned - things like this do get lost and stolen, that's just the way of it. But it's madness that they are allowed to transfer and carry around sensitive data in this way, there should be far stricter procedures in place to prevent this, as there are in finance and other corporate settings. Even email is not a particularly good idea from a security point of view. Better to store the information securely on servers, and allow properly controlled remote access via VPN or similar, if staff have a legitimate need to access the information from outside the office.

I don't think I've ever actually lost a data stick although my mum has borrowed mine to take stuff to work (none personal stuff only photos from a school trip) only to find that I've left photocopies of my passport and National Insurance number on there!!

I do however think that I may have left my mp3 player on the plane when I came back from a band tour recently and getting in touch with the company to find out if I'm right is proving difficult!!

Never lost a USB stick, floppy disk, CD/DVD ever. Im a scientist and you are tought to respect your data, you need to keep records of absolutly everything.

It would not be worth it for me to be careless about information.

I lose my memory most Weekends, my wife never does!

Whilst we are on the subject of data loss how many organisations encrypt the data on their backup tapes? I know of a major charity that has credit card numbers in plain text on backup tapes but for obvious reasons I'm not going to disclose where the tapes are kept or which charity it is!

Missing memory is not restricted to that held within tiny new-fangled gadgets.

We had a folder documenting all the information we had sent to off-site archive, allowing for the correct box to be recalled when necessary.

First rule of archiving- don't let the office junior do it!

A friend of mine volunteered to put a new version of windows on my laptop for me. It erased EVERYTHING. There was no backup.
He tried to recover stuff from the hard drive and some of it survived. He recommended I start using a flash drive to hold all my stuff.
So I did. I carried it with me everywhere for a year and a half. It had my CV, my grad school research notes, my novels, all my poetry, all my freelance work, invoices, photos. Again, no backup.
Lost it last weekend at the office. no idea where it is. The company is refusing to send out an all-staff email pleading for its return, even with a reward offer attached.
Am a dope.

I keep data in all kinds of formats - external hard disks (pocket size), CDs, mini CDs, DVDs, mini DVDs, floppy disks (not so often now), flashcards - and have yet to lose one. Mislay temporarily - yes, but after my wife has sighed a few times and said "Not again" they usually turn up....

I keep a lot of scientific data on 2 USB pen drives. One is tied to a house brick to stop it being carried off by mistake. Really!

Has none of these organisations heard of the internet? It is a fantastic worldwide resource available to transfer huge amounts of data without the need to use a bag, courier, pocket or even a train.

The really neat part is that where you can get mobile phone access you can get online too.... pretty much anywhere in the UK. I fail to see the benefit of letting anyone use USB sticks, CDs and DVDs more than 6 inches from the back up unit.

Keep the data on the server, develop data tool kits if needs be that mimic the excel or access tools these people will use at home or in their laptops. Let the server do the work, feed it though a web interface so the data load is minimised - it is not like it can't be done easily and affordably with off the shelf software.

I once worked at a company where a group of us found a cassette tape near the coffee pot from the weird guy that everyone wondered about. Secreting it away to one of our offices, we gathered round a player to hear what was on it. As we laughed and then fell silent, a crone with a raspy deepp voice started droning about destruction of the world and hissed that the mutants would rise. We switched it off in horror and got the tape back to the coffee pot as he came rushing in, asking angrily if we had listened to it. We of course denied that we had and gave him a wide berth ever after.

I lost a memory stick last summer. Ironically, it has an episode of Lost on it.

People have always mislaid data, reports, documents, or whatever. However, it's only been in the last few years that it's become possible to mislay such vast quantities of data.

Ten years ago the memory stick did not exist and writable compact discs were incredibly slow, so to store the kind of data we're talking about required large machines and they certainly weren't portable.

Today you can buy a memory stick or a writable DVD for peanuts, fill it with gigabytes of data while you make a cup of tea, and then put it in a jacket or trouser pocket. Consequently, data takes on a disposable air and is often treated as such.

#23. Have you never sent an e-mail to the wrong address? I have just this morning. If data such as medical records, criminal records, tax details etc were on-line they WOULD be hacked in minutes. If some unemployed loser can hack into the US military looking for UFO's how secure do you imagine the DHSS computers would be?

Its a bit mission impossible but is it beyond science to make a USB pendrive that self destructs (or at least formats) after a set period? It would allow data transfer but reduce the chances of lost data being found again and misused.

I used to write shopping lists on the back of my business cards. Mistakes were bad for business and for some reason, it was always loo roll that I forgot.

What I can't understand is why people insist on putting unencrypted data on memory sticks. There's a free tool (Truecrypt) that works on XP, Vista, Linux and recent Macs. It takes less than 30 seconds to mount the encrypted partition. Should be a no-brainer, especially if carrying sensitive information.

This comment was removed because the moderators found it broke the house rules. Explain.

Is it worth pointing out that the picture used to illustrate this discussion isn't a USB memory stick?

It's a Sony MP3 player.

Maybe the 91Èȱ¬ have lost the photograph of the USB stick?

#1 pinkfloydareace wrote:

"With memory sticks, as they are small, there is no chance of putting names on."

Right, but there is _plenty_ of space to put your name *in* them. I do this with every data storage card or USB drive I own, by copying a smal text file to the device. Inside the file, usually named _README.txt or _OWNER.txt, are my contact details and a polite request to contact me in case the device is found.

I'm pretty sure my English lit dissertation is still floating around on a memory stick in Durham somewhere... If anybody doing english ever finds it (probably in the city pub or the swan and three) you have my absolute permission to submit it as your own... It's only a high 2:2 but if you paste a copy of this post to it you shouldn't get done for plagiarism :)

One of the things organisations can do is make it a disciplinary offence for staff to put sensitive data on an easily "mislaid" format. I once had to give a formal written warning to a member of staff who put very sensitive information on a floppy disk, strictly against rules, and then managed to drop it on the steps of the office!

The similar nightmare for a woman is losing your handbag or having it stolen. You don't lose other people's details but it creates chaos in your own life. Last time this happened, I had to change the locks on the house, the car, the office (yes, my business cards were also inside the handbag), and rebuilding my diary and address book was a nightmare.

Encryption software is cheap/free and easy to use. You just need to remember a password. Many memory sticks come with free encryption.

All sensitive data should be encrypted as a matter of course by all service providers and it should be criminal negligence not to protect clients.

Please alert management.

Thank you for choosing Earth, we hope you enjoy your stay.

Several months ago I heard something fall into the bin from the bookcase next to it. A quick glance in the bin showed nothing of importance.

Two weeks after that I realised that what had fallen into the bin was the memory stick with hundreds of photographs that I meant to transfer between computers (and had already deleted off the pc when I transferred them to the stick).

Doh!

Next time I'm getting my hands dirty and going in after it.

I used to spend a lot of time in my University Library and every so often found a floppy disk left in a computer. One of my less noble efforts was to see if there were any essays on the disk and, if there were, I would add in a sentence of my own. Invariably rude.

I would then save the file and wander off leaving the disk to be located by its owner. I have often wondered if any hard-pressed students printed out their essay without proof reading it first.

Anon, Edinburgh

My advice to everyone that uses removable media is to use the free TrueCrypt program to encrypt the whole device. Then you can't loose any information if you loose the device because no one can read it without your key (a password)

I have misplaced disks and USB drives plenty of times. As someone else said, they are much like lighters... they tend to pop up again. While working on my thesis I misplaced my USB after spending a day doing research and typing about 6 pages at a library. Luckily, I had made paper copies of many articles and others were in my reserved list on the library's system. Of course the USB showed up in my coat pocket while searching for change about 3 months after turning in my paper.
I am a big proponent of centralized servers at work. It drives me crazy when I can't find a document in the archives because someone didn't know to save it to the server and it is either on a disk/USB or on their desktop. I hate going through a pile of poorly labeled disks to find important files.

During GCSE ICT and 6th Form my memory stick was often left in the back of computers.

They're just so darn forgettable.

The panic alone has put years on me...

The memory format I've lost? My mind - I seem to have a brain like a sieve at the moment....

What many people don't realise is that the much-maligned Windows Vista has tools that can be centrally applied to control access to USB sticks, CDs and DVD, either read or write, on a user-by-user basis or pc-by-pc basis.

Proper application of such tools can hugely reduce the risks of casual copying and subsequent loss of sensitive data.

A similar 3rd party tool is available for Windows XP:

I'm a Windows systems engineer newly arrived at a major bank and was both surprised and impressed to see these and other very tight security measures already in place, but sadly I have to say it's the very first time I've seen them used at any of my clients!

RS

Vouchsafe? Vouchsafe? I think the editor needs a dictionary...

You don't need security tools - high security sites fill the USB ports with expoxy resin! In fact if you happened to work in a government department and were concerned about data loss, this is just the sort of thing you could do yourself... after hours...

This is why I email everything I need transferred to myself. I know it doesn't have a virus (and if it does, then I need to kick myself and work out why it does), I know I can't forget it/lose it/drop it, and the chances of someone actually knowing my password is approximately 1 in "Scorned ex remembering my login password". Which, considering it's yet to happen, seems to be quite a negligible problem!

I haven't lost a USB, but what I have lost recently is my phone memory (I had taken it out to send my phone for repairs). Lost my contact, addresses, birthdays-basically it's been a pain!

Also, for all those saying servers are best, my company has just lost all the work backed up on our central system. Months and months of work with no hope of getting it back.....

#27 is quite right about the potential for misplacing confidential information sent by e-mail, but this is by no means an issue only with so-called "new technology". My PC is set up to send and receive faxes like a manual fax machine. A couple of years ago, I took a phone call I recognized as being an incoming fax connection, and it was just possible this was a reply we'd been expecting, so, though I don't usually receive faxes, I quickly plugged in my moden and clicked "receive fax" - only to get the results of someone's pathology tests that the lab was trying to fax to a medical practice that obviously had a number close to ours.

Moral of the story? Anyone who can dial a wrong telephone number can mis-send e-mail, text, and anything else. (And even pen and paper is not immune: a decade ago a family member opened a letter from an executor to find not only the correspondence meant for him, but also that for a completely unrelated estate - marked "Private and Confidential", of course, as if the magical incantation of the phrase might ward off habitual incompetence.)

I've lost a USB flash drive... with nothing on it, thank goodness. Brand new, unpacked, checked out, and mislaid within hours...

The first incident that springs to mind, though, was when I was working for a small computer firm several years ago. We bught a new CD-ROM drive from a local supplier, fitted it into a machine, pressed Eject, and in the tray was a genuine Windows 95 CD-ROM, complete with serial number written in in indelible ink on it. Methinks the drive wasn't quite as new and unused as we paid for!

Is it really so difficult to encrypt data? As the director of a small company I would be destroyed by Data Protection if I "lost" sensitive personal details of my customer base, let alone half of the country. Yet the government and other public bodies seem to routinely lose staggering amounts of data they didn't even bother to encrypt.

As for personal data, I keep it on a single memory stick, encrypted. When in transit the stick stays on its lanyard around my neck, otherwise it sits in my desk drawer.

Anything you can encrypt can be unencrypted. A german enigma machine makes a million, million, million combinations. Allegedly with no cluses it will take a Cray supercomputer a year to crack a message, but in the 1940's it was being done in hours by very clever people with square ruled paper and a valve powered calculator.

A few years ago new scientist ran a competition to have someone break 128bit encryption. It was done in 8 hours by someone linking 2000 PC's in the Eagle Star insurance office overnight. If data is really sensitive and worth getting at it will be unencrypted. Physically securing it is the only way to protect it.

I had a USB stick with scans of bank statements, my CV, and other no-so-important data (funny vids and mp3s). I stupidly had it connected to my keyring, but by the cap end of the stick. Lo and behold, one day after a walk around the local shopping centre, I pulled my keys out to find just an empty cap connected to the ring. Cue hours of frantic searching and retracing my steps around the shops, with no luck. Funnily enough, I now connect the important bit to my keys!

We had to scratch our daughter's name on her memory stick before she started taking it to school. All of her class - 10/11 year olds - have to have one.

So these should come with a label area - to make it easier.


And BTW we got a 4GB one as it was pretty cheap and her teacher thought it was overkill. What if she wanted to record a video to share with the class?

Regarding 50. At 09:10am on 18 Sep 2008, Peter_Sym wrote:
Anything you can encrypt can be unencrypted

Very few people have the skills to decrypt. (or the network of computers and a weekend). That's like saying "don't put bars on your windows because they can be removed with small explosives or a blowtorch"

Keep it real and thanks for choosing Earth. Remember to Encrpyt :)

I've got the USB memory stick safely plugged into the computer, but where's the chain, the keyring, or the house key? Blowed if I know!

Trouble with folks who lose copies of other people's data is that they don't understand the consequences of the loss which doesn't affect them personally at all so they don't care.

PGP or GPG encryption with a 1024 bit key-length is safe for longer than most of us are going to live. It's both unencumbered, and financially free. so there is absolutely no excuse why it's not used to protect sensitive data. Just don't forget the pass phrase.

Refer rfc1149 and rfc2549 for fast and secure transmission of data using memory sticks.

i have to say i did once leave some important files on a train, having been told that morning "whatever you do DON'T LEAVE THESE ON A TRAIN"... luckily the woman i was sitting next too passed them out of the train window to me as it moved off the platform and a national crisis was averted.

it is carelessness and there are no excuses other than it was 7:15am and i was half asleep.

my husband successfully deleted my Masters dissertation off my USB memory stick (thank god for back ups) and in turn i put his USB stick with his recently completed term reports through the washing machine. i think we're just a hopeless pair really.

the final straw was when i lost 5000 songs not to mention 5years worth of photos off my hard drive when moving the data from computer A to computer B. some people are just unlucky.

I haven't actually lost a memory key, but I did have a dream about losing one (or lots).

I was doing some polling for a politician and had a big brown paper bag full memory keys; which split while I was walking along the street spilling them everywhere.

I've never lost anything of any significance, but have managed to delete data - quite a lot of it and some of it quite important, like the entire sales history at one small electronics firm. Luckily all this was backed up and could be restored at the cost of half a days work for the sales team (of 3). My job was deemed so insignificant... but my power so huge!!!

I dropped a USB stick in the parking lot at work in Anchorage, Alaska one October, it was promptly covered by snow and I gave up looking for it. The following April, it was found and handed back to me after the snow finally melted, still in perfect working order. It was at the other end of a large parking lot, it must have been ploughed a few times to travel that far.