in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Protection Is The Law In Oregon At The Turn Of The Year: Data Encryption Can Help

The associated Oregon senate bill, The Oregon Identity Theft Protection Act (SB 583), is surprisingly short but to the point—and extremely readable.  It feels like someone other than lawyers wrote it up.  It also seems to build on past legislation already in place for personal data protection.  For example, those who are already in compliance with HIPAA would also be in compliance with SB 583.  The former may carry a tag of ‘96 (as in, Health Insurance Portability and Accountability Act of 1996), but eleven years later, the concept on how to protect someone’s information hasn’t changed; it’s the implementation that had to catch up.

 

And catch up it did.

 

There are numerous regulations in HIPAA for protecting patient information, including what people have termed “shoulder surfing,” the act of getting information by looking over someone’s shoulder.  Back in 1996, there was no method to prevent that unless you had a wall against your back.  And even then, if you were on a plane, chances are your fellow passengers could see what you were doing.  Now, companies such as 3M sell screen privacy shields so the user can see the screen, whereas someone to the side of the user cannot.  The technology already existed back then, but there wasn’t enough of a marketing push, I think.

 

However, in this day and age, shoulder surfing is the least of one’s worries.  The big news, time and again, has been the loss of massive amounts of data via the loss or theft of laptops, CDs, and other portable, mobile devices.  The problem, of course, is that theft and loss cannot be prevented one hundred percent of the time.  It can be minimized and that’s the best one can do, no matter how serious the consequences of something going wrong.  Don’t believe me?

 

Two months ago, the US Air Force had six nuclear missiles end up on a cross‑country flight by mistake.  If the plane had gone down during the 36 hours those missiles were technically missing…I can imagine The Siege becoming reality while people try hash things out.  Despite proclamations by wags that “military intelligence” is an oxymoron, the military does have some of the best minds available for making sure stuff like this doesn’t happen.  And yet, a complete break‑down of procedures by multiple people, at multiple levels did happen (a rarity, granted).  One would be a fool not to expect it to happen ever, despite all the paperwork, code punching, military guards, and whatever other protection the USAF has in place to make sure nothing untoward happens to those nukes.

 

How do you and your business compare when it comes to protection?  Can you afford sentries armed with M-16s to ensure no one breaks into your offices?  Are your employees any less inclined to make mistakes or to flaunt policies and regulations, despite the fact that military personnel face a court‑martial (and a dishonorable discharge) for such actions and your employees face a pink‑slip at worst?  The answer, and I would assume that this is a safe guess, would have be “no” to that last question.  There is only so much a person can do to control the behavior of employees at any organization.

 

So how does one comply with HIPAA or the new Oregon law if theft and loss can only be minimized?  Why even bother?  Disaster in the form of a data breach will strike sooner or later, right?  Well, the point is to lower the odds of it happening.  So low, in fact, that it may never happen in the next couple hundred years.

 

And since what needs to be protected is customer data, not the computer itself, a solution for ensuring the data doesn’t fall into the wrong hands is the correct option.  Enter AlertBoot.  Encryption services like AlertBoot secure the data on digital devices, so that the potential for a data breach associated with theft or loss isn’t an issue anymore.  Back in 1996, encryption was an option but the technology had some catching up to do to be useful for everyday users.  The only thing one has to worry about today when it comes to encryption is making sure employees don’t write the password on a Post‑It note and stick it to the bottom of the keyboard.

 

Of course, if you find an employee doing this, you’ve got other things to do besides worry about loss of data.  For example, you’ll need to spend some time carving a couple of notches below “military intelligence” on your “data policy enforcement stick.”  You know, before you beat that employee to death with it.  I’m sure the judge and jury will understand once they realize that you took the best approach to protecting people’s data and ensuring it stays protected.

 
<Previous Next>

Data Security And Computer Disposal: There's Delete And Then There's Delete

Tennessee Experiences A Blue, Blue, Blue Christmas: Computer Theft Reported Over The Holidays

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.