in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Tennessee Experiences A Blue, Blue, Blue Christmas: Computer Theft Reported Over The Holidays

Tennessee is alerting Nashville residents that 337,000 voters in the city have had their information compromised.  Thieves stole laptop computers that contained the names and Social Security numbers of every registered voter.  Initially, it was reported that only the last four digits of the SSNs were included, but further examination showed that this is not the case.  The election commission office is preparing to send notices to those affected.  There’s no mention on whether the stolen laptops had any security measures in place, so one must assume the worst.

 

Also, the Department of Safety is reporting that a desktop computer and laptops were stolen from their offices.  A spokesman for the department said that the computers were blank because they were about to be distributed to employees, and there shouldn’t have been any personal information on the stolen devices:

 

“Even if they did get access to it, they’re almost worthless to them,” said Browning, the spokesperson. “They wouldn’t be able to access the information – security would prevent them.”

 

The only security to protect the contents of those computers was in the form of a password, not encryption, though.

 

What’s ironic about the Department of Safety incident, other than that the department is not safe from break‑ins, is that they believe that passwords = security.

 

They’re not wrong, in a sense.  Even if you were to encrypt a computer via AlertBoot, a username and password is assigned so only those with the right to access encrypted data are able to do so.  Otherwise, no one would be able to access the encrypted data, and what good is that?  However, a password tied to an operating system like Windows, as opposed to an encryption system, means the password can be bypassed by bypassing that operating system.

 

For example, the hard drives on the stolen machines could be hooked up to another computer.  Or, one could run a CD-based Linux OS (which are free, by the way) on the stolen machine and gain access to the data that way.  There are other ways of doing this besides the two listed.

 

Is the Department of Safety safe from a data breach?  After all, there’s nothing on those computers, regardless of whether the passwords in place actually offer protection—they were wiped clean.  Well, perhaps.  The problems with “deleting” data is that it doesn’t really delete the data; that’s why Norton Utilities has the ability to recover deleted data.  Nope, what really happens is that by deleting data, the operating system has no way to access it anymore.  Not even formatting a hard drive does the job, since formatting a disk technically checks and prepares the disk for further recording, so you’re still stuck in a situation where previous data still reside in the hard drive but, again, not easily accessible.

 

With the correct, specialized software, the data is recoverable.  And don’t let the word “specialized” fool you—such software is easily (and cheaply) available over the internet.  Only by securing information via encryption can you ensure that information doesn’t fall into the wrong hands.

 
<Previous Next>

Data Protection Is The Law In Oregon At The Turn Of The Year: Data Encryption Can Help

Update On Tennessee Experiences A Blue, Blue, Blue Christmas: Computer Theft Reported Over The Holidays

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.