Data protection: How a lost USB stick could be the key to finding your ideal career in tech

Data Protection

How safe do you think your data really is?

With the introduction of GDPR in May 2018, the way companies and individuals protect their data has become even more of a pressing concern. Especially with so much of our sensitive information stored across multiple servers and systems.

We spoke to tech experts the Learning People, to find out more about data protection, and learned how something as simple as a lost USB stick could either be incredibly costly – or the key to finding your ideal career in tech:


The world’s most expensive USB stick?   

In October 2018, Heathrow Airport was fined £120,000 for something labelled as ‘serious data protection failings’.

The cause? A single lost USB stick.

The data drive – thankfully recovered on a London street by a member of the public – was lost by a member of airport staff in late 2017.

It contained six folders with maps, videos and other documents related to the airport’s security systems, including everything from police patrol timetables and locations of security cameras, right through to the Queen’s exact route to Heathrow.

In the wrong hands, the information could have been deadly. What’s more, under new GDPR legislation, the penalty could rise to as much as £17 million for the same offence.

So, what went wrong?


Data encryption – what you need to know

Crucially, Heathrow didn’t have any data encryption policies in place – meaning their data was all left completely unprotected. And it isn’t just important for lost USBs.

Unencrypted laptops and mobile devices are also incredibly dangerous, leaving any sensitive data you have on your system fully open to potential hackers.

Encryption can also be a valuable defence against hacker attacks. Because even storing your data in The Cloud doesn’t mean it’s not susceptible to cyber security threats.


Data protection training

In the case of Heathrow Airport, staff had also never been trained about data protection, network storage or security – leaving a huge knowledge gap in the organisation.

In fact, less than 2% of the airport’s staff received some element of formal data protection training.

As a result, staff continued to use their own devices to store data. Something which directly led to the massive security breach they ended up with.


Personal protection

Data protection isn’t just important from a professional standpoint.

In 2016, the University of Illinois Urbana-Champaign dropped 297 drives across the grounds of their university – and found that a staggering 50% of them went on to be accessed by the people who found them.

Although many highlighted being good Samaritans as the reason they opened the drive, they were unwittingly opening themselves up to a multitude of malware threats.

Even if they didn’t open any of the files themselves, some corrupted USBs are programmed to infect your computer as soon as you plug them in. Something which could leave all of your personal files exposed to hackers without you even knowing.


The data protection skills gap

With GDPR legislation in effect from May 2018, businesses are now more aware than ever of the need to protect their sensitive data.

But that doesn’t necessarily mean companies are doing enough.

Although 65% of the 800 UK employees we surveyed said that they weren’t allowed to access personal USB sticks at work, most still don’t have specific staff on board to help ensure they’re GDPR compliant.

Only a quarter of businesses we surveyed earlier this year said they have an in-house Data Protection Officer responsible for heading up their cyber security.

And according to CyberEdges 2018 report, four out of five organisations can’t find qualified staff to fill their cyber security positions.

As a result, the lack of qualified staff in this sector has led to businesses frequently coming under attack of cyber-crimes.


Cyber security training

With over 800,000 additional workers with digital skills anticipated to be needed in the UK over the next five years, if you’re looking for a new career, now is the time to get involved.

Not only are cyber security careers incredibly lucrative, they also don’t usually require a degree to get started. In fact, a professional cyber security qualification generally won’t ask for any prerequisites to get started.

And, as you can get qualified in as little as six months, you could open the door to a new career in less than a year. Not to mention know what to do the next time you pick up a lost USB.


Why study with the Learning People?

The Learning People is one of the world’s leading providers of IT qualifications.

They’ve exclusively partnered with the prestigious EC-Council, the world’s largest cyber security technical certification body, to become the singular reseller of their cyber security and ethical hacking courses including Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Certified Network Defender (CND) and much more.

Other benefits of studying with the Learning People include:

  • Free, expert career advice
  • Award winning StudentCareTM
  • CVdetox recruitment service
  • Flexible payment options
  • An easy-to-use online learning platform
  • Progress reports, so you can see how you’re getting on
  • NUS student discount card
  • Global community of peers

Find out more



Interested in a career in cyber security? Talk to the Learning People today.


learning-peopleThe Learning People are one of the UK’s leading eLearning providers, specialising in world-class certifications in project management, IT and digital marketing.


Find a job