Technology for dealing with lost laptops
By Nicole Kobie,
Lost laptops and misplaced CDs seem to have become a near-weekly occurrence - in the past week, there'ïs been news of three lost Ministry of Defence (MoD) recruitment laptops, four court discs from the Ministry of Justice, and a sanction from the data protection watchdog for Marks & Spencer.
With the near-ubiquity of portable devices for mobile working, it's no surprise the things get lost, stolen or otherwise misplaced. But when said devices carry not just corporate secrets but the personal, private details of millions, such mistakes carry a heavier weight.
Indeed, the case of the lost laptops from the MoD has had many asking what measures should have been in place - and why so much data was being held on them.
Secretary of State for Defence Des Browne told parliament that the MoD had proper procedures in place to keep sensitive data off of portable devices and that the laptops had encryption software - yet the procedures were not followed and the laptops were not encrypted.
The human factor
Such data breaches have shown users simply do not follow policies. And, people simply can't be trusted to not lose their devices - or leave them in the car overnight, where they can be stolen.
Alan Bentley, the vice president of Lumension Security, said education is necessary. "At the heart of all the recent data losses, is a lack of awareness and coherence to the organisation's security policies. The 'human factor' is often the weakest link in any security armour and the MoD is no exception to this rule."
He called for organisations to properly educate employees about the risk of data theft and to stress what happens if they don't take heed. "Unless employees start to understand that their job is on the line if they fail to follow procedures, this culture of careless data handling will continue," Bentley said.
Joe Fantuzzi, chief executive of Workshare, said: "My sense is that policies are written to be broken... Policy is good to have as a baseline, but policy won't prevent problems."
So the question is: what will? And what will stand up to hackers should they realise the potential of the data on a stolen disc?
Clive Longbottom, principal analyst at Quocirca, runs down the problem: "Policies are spineless, and get ignored. Therefore, companies have to design for idiots, and this means various approaches." First, Longbottom suggests centralising and locking down data, so that when a device is stolen, no data is lost. Second, and more importantly, is to encrypt the information which is on a device.
You may also like...
advertisement
Latest Security News
Microsoft yet to fix six month old Virtual PC flaw
A US security firm has claimed it reported a flaw in Microsoft’s Virtual PC hypervisor software back in August 2009, but the software giant is yet to act on it.
advertisement
Most popular
- Head to Head: Office 2010 vs Open Office 3.1
- Google Street View slammed as 'a service for burglars'
- Apple offers new iPad if battery dies
- Apple shifts 120,000 iPads on first day on sale
- Google Nexus One review: A week with the superphone
- Street View goes UK wide tomorrow
- HTC Legend review
- Google expected to shut down China search soon
- Symantec Backup Exec 2010 review
- Will there be an out-of-band update for latest IE flaw?
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
