A former prisoner of the Plymouth County Correctional Facility was found guilty for intentionally damaging the prison’s computer network while he was an inmate.

• The inmates are provided with a computer for legal research with security controls to prohibit Internet access, e-mail, or using other computers or computer programs. Despite these restrictions, the inmate hacked the computer network to send e-mail
• He provided inmates access to a report that listed the names, dates of birth, Social Security numbers, home addresses and telephone numbers, and past employment history of over 1,100 current and former Correctional Facility personnel and applicants
• He also provided access (without success) an important prison management computer program

Once again we recommend that companies regularly review, control and test to ensure that IT security procedures and guidelines are adhered to.

In this particular instance there was not a 100% physical separation between the networks used by the inmates and the administrative detention network, enabling inmates to gain access to the jail’s management system.

At the Copenhagen Compliance Conference there will be a hands-on workshop on IT Security issues.

Contact us here for a IT Security check list.