Laptop Data Loss Blunder
By Cloud Direct • 02 Mar 2009
Yet again large organisations (that should know better) fail to do the basics when it comes to protecting their own and - more importantly - our own private data. A quick scan of the web quickly reveals a list of embarrassing 'lost data' events (click on the links to go directly to the article):
An investigation is being launched after a computer holding a million high street bank customers' personal details was sold on an internet auction site. The computer was reportedly sold on eBay for £35 - but the hard drive contained sensitive data on Royal Bank of Scotland and Natwest customers.
In one sense, each of these in isolation could be 'understood' insomuch as mistakes happen - people are only human after all. But the point is that systems and procedures are precisely there to mitigate the consequences of such errors.
Take a lost laptop for example - it is very easy to automatically encrypt confidential data on a laptop - for this to be done efficiently, even over 1000's of machines - and for the data to be deleted or otherwise protected if a machine is compromised.
Partly blowing our own trumpet here I know - but we could have a 1000 laptops encrypted with a managed service within 24-hours. Pre-set or on-demand rules and triggers can be 'pushed' to machines with little effort or delay. So when (stress when) a machine is next left on the train containing my bank account details (think any confidential private, customer or own business data), the data will be inaccessible to whomever find or steals it. It's really quite simple.
As for data kept on a USB stick - I heard a statistic the other day at a conference (sorry, I cannot reveal the source) that twice as many USB sticks are lost by travelers each month, compared to the number of laptops lost - so perhaps backing up data to a USB stick has limited value...
Share this post