In the aftermath of the laptops being stolen last year, security procedures - including the blanket use of encryption on all laptops and USB sticks - were imposed, but the report from the consultants does not appear to paint a pretty picture.
Although details of the security report are not being made public, the local Hertfordshire press has gleaned enough to generate a few news reports on the subject.
The Herts Advertiser says that the report highlighted a number of lapses in security
"Although the interim report found procedures had been significantly improved since the theft, including physical locking of hardware to desks and the encryption of laptops and memory sticks, a number of exposures' were still found such as staff sharing passwords", said the newspaper.
The paper added that the report "also identified several failures and disappointments, including the laptop theft, since Northgate (a contractor) was employed in 2008 at a cost of about £2.5 million over seven years.
"Recommendations in the final report included an updated ICT strategy, audit files for all log-ins and access to databases, and steps to ensure the trustworthiness of council and Northgate staff with access to the council's hardware, software and data assets", noted the paper.
According to Andy Cordial, managing director with Origin Storage, the theft of the laptops caused an uproar and, although staff are physically locking hardware to their desks, and portable device data is being encrypted, employees are still taking a poor approach to security generally.
Cordial, whose storage management firm supplies portable data security systems with multiple layers of defence to clients, says that using encryption is only part of the equation when it comes to protecting data.
A Quocirca report issued last July, he said, advised companies take better control of their critical information and use all possible methods to prevent information falling into the wrong hands should a device be lost or stolen.
The report, he added, concluded that there are significant productivity gains to be generated through the ease of good administration and management when it comes to protecting data in transit.
"Multi-layered data systems are now the best option for organisations wanting an easy to use portable data security system", he said.
"When added to other security procedures such as positive staff vetting for employees handling private data, the multi-layered defence strategy starts to make sense - especially if how the security layers work are easy to understand, as well as use, for the employees concerned", he added.