It’s a story of an intern blamed for losing a large fraction of the entire state of Ohio’s personal information. I blame whoever the first real employee was in the line up from him. I don’t blame the contractors. I was a contractor, and your responsibilities are critically limited. The State of Ohio should have had an actual backup plan, not “haul this home in your station wagon”.
Here’s an outline of how we treat this kind of data at UltraMegaCorp where I work:
1. The backup unit is inside a caged area of the data center, with a locked door. 2. The data center housing the backup storage unit requires entry through an oubliette with two locked, key-carded, handprint-scan-recognizing doors, separate for in and out. 3. The building housing the data center requires a keycard to get in, and has a guard 24/7. 4. The grounds have a keyed gate with plenty of surveillance.
So much for physical security of the backup system. Then when I handle the backups:
5. I am granted entry to the backup cage. 6. I hook up a laptop to eject the tapes to be shipped off-site. 7. I print out a list of tapes and the date they are sent. This list will be signed, dated, and included inside the container. 8. I fill out a form for the driver and retain a copy. 9. I put the tapes in the case and secure it with a lock. 10. The driver has to do all the same security checks, fills out his part of the form, and transports the tape case in a locked truck. 11. It’s stored at a facility with similar security precautions, totally separate from the other tapes nearby.
This may sound like overkill, but when you store the financial data for millions of people, it’s your fiduciary responsibility.