#privacy: UK’s environmental agencies have misplaced 540 devices

A Freedom of Information (FOI) request has revealed that two organisations have lost 540 devices over the past three financial years. 

The Department for Environment, Food, and Rural Affairs (DEFRA) accounted for 100 devices, and the Environment Agency accounted for 440. 

The most common device lost were mobile phones, with the DEFRA losing 63 and the Environment Agency losing 363. 

Laptops were the second most lost device, with the Environment Agency misplacing 59 over the three year period and DEFRA missing 35 laptops. Only 21 tablet computers were lost, 3 from DEFRA and 18 from the Environment Agency. 

Although the statistics display the Environment Agency to be misplacing the most devices, it also appears to be the organisation that has improved its device security processes. The agency recorded a decrease of 24% in lost IT kit, whilst DEFRA reported a 43% increase. 

A spokesperson from the Environment Agency wrote: “Due to the nature of our work, we have operational staff working in the field to protect the environment and support our incident response capabilities.

“Because of this there is always a risk that exposure to threats concerning mobile technology will be increased. All staff are required to work in accordance with out IT and security policies so that we continue to work toward minimizing losses, and risk associated with losses.”

Andy Harcup, VP, Absolute Software commented: “With government departments ploughing money into cyber security systems, it’s unbelievable that so many phones and laptops are going missing. Every single lost device is a potential goldmine of confidential information and should be probably secured so that if stolen it can be tracked, frozen and recovered.”

“It’s also critical that government agencies have capabilities in place so that when mobile devices are exposed to threats outside of their control, they are able to locate the devices whether they are on or off the network, and wipe the data on the devices in order to comply with critical regulations like GDPR.”


Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.

Reserve your place before 2nd October, and receive VIP access to PrivSec Global which includes priority access to limited space sessions, workshops, networking opportunities and exclusive content.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.