in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

The Heart Wants, And The Mind Says Yes To Mobile Encryption…But The Body Doesn’t Follow?

There were reports last week that a laptop containing personal information on over 160,000 people was stolen from Administaff, Inc., a Houston-based company.  Administaff is a company that engages in outsourcing personnel management services, such as payroll administration.  As such, it’s not surprising that Administaff deals with a lot of personal information, or that the stolen laptop contained Social Security numbers, names, and addresses.

 

How did the laptop get stolen?  From the backseat of an employee’s car.  Apparently, the employee stopped at a grocery store.  I cannot fault the employee in this case.  People have to eat at some point, and grocery shopping right after work is a natural thing to do.  And let’s face it, not too many people decide to put their laptops in the trunk.  To begin with, everybody knows that there is no cushioning in there—what if you drive over a rough patch and you bust your laptop?  I’m less understanding of the fact that the laptop, nor the files with sensitive information, were encrypted.

 

According to an article in the Houston Chronicle, the computer was “password-protected.” I think it’s safe to assume that the only thing protecting this particular machine is the Windows logon prompt, which is not as secure as people think it might be.  According to Administaff, not having the file encrypted is in violation of company policy.  You’ll notice that this is what the Gap press release said when they had their security debacle earlier in the month.

 

My guess is that Administaff figured a long time ago that they might run into the problem they are having now and decided that encryption was necessary in the workplace.  While encrypting files with sensitive data is a phenomenal method of protecting information, the problem with such a policy is that the onus falls upon the employees to secure the data: somebody copies some data to a spreadsheet temporarily and forgets to encrypt the file because he had to answer the phone and forgot about it; Murphy’s Law promptly kicks in and the laptop is stolen that same day.  More importantly, if the encryption is done at the file-level, it’s kind of hard to audit the adherence of security policies.

 

A better method, or a complement to file encryption, might have been to encrypt the entire laptop at the hard drive level.  This way, if theft is the reason for the security breach, the company can rest assured that the criminal can not access the contents of the laptop, regardless of whether the correct files are encrypted or not.  Plus, services such as AlertBoot, which offer full disk encryption, come with robust reports for auditing the state of encryption on each machine for which AlertBoot was deployed.  This way, management can ensure that no computer slipped through the cracks when it comes to protection.  It’s obvious that companies know and want to protect their data, and their customer and worker data.  It’s just a matter of how best to enforce that protection (minimal human interference would be the best) and ensure it’s being maintained.

 
<Previous Next>

Data Encryption And SMBs - The Smaller You Are, The Greater The On-Line Threat

Continuing TJX Legal Saga Further Highlights Need For Data Protection And Encryption

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.