in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

UK Hospital Struck Twice With Computer Theft. Data Encryption Not Present

The Royal Bolton Hospital in England has fallen victim to computer theft—twice.  In each instance, medical information was on the stolen devices.  The thefts took place in October and November, but the public is being alerted only now.  I guess someone is thanking an all-powerful being that the UK does not have HIPAA legislation to follow.  Although, that Data Protection Act they have is nothing to sneeze at.

 

I used to have a beef with PR people stating that a stolen computer had “password protection but was not encrypted” trying to reassure the public about the safety of their data.  Of course, the general populace started getting wise to the fact that it meant absolutely nothing security‑wise, so it seems to have been dropped in favor of other stuff.  Such as this one: There is no evidence at all that whoever took the computers took them for the data.  The thieves probably targeted the computer because of its monetary value and portability, and other reasons for inducing stickyfingernessity.

 

This one is not soothing to the troubled mind as the other one—for one, it doesn’t have that forward‑projection of safety: Woo! Passwords!  Double-layer!  Protection! Bam!  Whamo!  Encryption?  What’s that?  Doesn’t that require passwords as well?

 

Plus, it’s relatively easy to draw a parallel to show the above pronouncement as meaningless.  I might steal a bag, but not because it’s a bag.  It’s Prada. (Thank you, Wayans Brothers.)  A portable thing of high value.  But, hey, what’s this?  Credit cards? We-heh-hell, I’m eating tonight!  The problem with this new line of “don’t worry, be happy” pronouncement is that one has to presume that a thief steals a computer either for its resale price or its data but not both.  Most people know better.

 

At any rate, the hospital has waited several months to alert their patients of the breach and that they should watch out for any forms of ID theft—if they haven’t become a victim already, I guess.  Perhaps in an effort to create a bulwark against criticism, over 300 laptops and desktops are being recalled from staff to have encryption software installed, a step in the right direction.

 

Another step in the right direction?  They’re going to centralize the data, so that individual laptops will not be carrying all that data, all the time.  Of course, they’ll want to make sure there are restrictions on what can be saved locally to the laptops’ hard drives, but it should help to improve overall security.  One wonders why they didn’t do these things sooner.  Though, if my military experience is any guide, you really start to move once the other cheek has received a good kicking as well.

 

The recall of 300 computers will have a temporary impact on the workforce; it has to.  If the Royal Bolton Hospital had signed up with AlertBoot, they would not have needed to recall the laptops.  A 2 MB file could have been sent via e-mail, downloaded, and installed by each user—a file size that is smaller than that of a digital picture captured by a high‑end camera phone.  Plus, the reporting engine would have allowed the IT staff to keep tabs on users actually encrypting their machines.  But, hey, better someting that nothing; better late than never.

 
<Previous Next>

Laptop Encryption Not Present In Computer Lost By Blue Cross. 300,000 Possibly Affected

T. Rowe Price Contractor Loses Laptops – Whole Disk Encryption Not Present

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.