
Still More on Laptop Security & Thefts, Encryption and Training

Yes, I'm still on a quest to learn about laptop thefts, losses, and other related crimes, mistakes, and oopses.  If you were to do a study to determine the actual amount of business data and personal information stored on these meandering data minefields, I'm sure it would be mind-boggling...

Today the Arizona Republic published a report, "Lost, stolen laptops bring security risks."  Agreed...the title tells us nothing new.

However, there are some interesting statistics within the report; organizations can put these into their info sec file and use them within their awareness efforts.

Some of the nuggets include:

"Last year, 1,970 laptops or laptop-related items were reported as stolen to the Phoenix Police Department, up from 1,667 in 2004. As of April 30, 663 reports of laptop or laptop-related item theft have been filed this year."

This is just in one city!  Every day I see reports of stolen laptops/notebooks/Blackberries/PDAs/etc. in the police reports from across the U.S.

"Tom Liffiton, a special agent for the FBI who heads a cyber-crime squad in Phoenix, said that while most laptop thefts go unreported to the FBI, 'I can tell you I recently talked to a very large bank that said they lose a laptop (to theft) every day.' The good news for the bank and those who do their banking there is that, unlike Fidelity, the bank encrypts the information on its laptops."

Kudos to Fidelity for encrypting all data on their laptops!  Yes, another rallying cry of mine...encrypt data on mobile computing devices!  Disk encryption is really easier and more cost-efficient than ever before.  Given how many of them are lost and stolen, it just makes good business sense.

"The International Data Corp. reported in 2005 that PC makers predicted laptops will account for more than 40 percent of the PC market in 2006-2007, and expected that figure to pass percent in 2008.  According to FBI reports, more than 97 percent of those laptops are never recovered."

Not surprising.  How many of you have your laptops/notebooks/etc. tagged so that they can be tracked and reclaimed whenever they are recovered by law enforcement authorities?  An untagged device is a prime target for easy resale.  Just look on eBay...as of this moment on 5/13 there are many different types of computers for sale:

Desktop PC Components (3592)
Desktop PCs (3063)
Software (2695)
Laptop Parts & Accessories (2104)
Laptops, Notebooks (1649)
Input Devices (1406)
Vintage Computing Products (522)
Monitors & Projectors (515)
Networking (501)
Apple, Macintosh Computers (404)

How many of these do you suppose were lost or stolen?

"Among the companies that take a serious approach to the matter of laptop security is Intel, where roughly 85 percent of employees use company laptops. All employees are required to participate in a security awareness class, which Intel updates every year."

Training is also of great importance for any security effort.  Wonder if Intel also requires all data on the laptops to be encrypted?

Also, remember that encrypting data on laptops, and providing training and awareness, all contribute to compliance with numerous regulations.


Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for over 18 years. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca on their list of the 25 top privacy experts and on their list of the 9 best privacy consulting firms. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books and dozens of articles, has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 11th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.