Experts Discuss Company’s Demise, Importance of IT Oversight
DATA PROTECTION—U.S.October 9, 2012
IDG News Service reports on the breach at broker-dealer GunnAllen, which resulted in the U.S. Securities and Exchange Commission’s first privacy fine for failing to protect customer data. In April 2011, two individuals were fined $20,000 and a third $15,000 for “aiding and abetting GunnAllen’s rule violations,” after a GunnAllen representative downloaded accountholder files to his personal thumb drive as the company prepared to liquidate. One privacy expert says weaknesses in the broker-dealer’s outsourced IT program, which would lead to numerous problems before the company’s eventual demise, demonstrates the importance of due diligence, contractual obligations, monitoring and audits when it comes to outsourced data security.