in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Disk Encryption A Great Ingredient For Anheuser-Busch Employees

Laptop computers containing sensitive information on current and former Anheuser‑Busch employees have been stolen from the beer maker’s premises.  The beer company has certainly been making a splash in the news: first, they get bought out by InBev, a Belgian conglomerate, releasing a tsunami of waffle‑related jokes; now, this.

 

It is not known how many are affected since the company has not revealed such information.  UPI.com, however, states that the lost data contains Social Security numbers, addresses, marital status, and whether an employee had used a “mental health counseling service.”  Anheuser‑Busch is offering affected employees a year of free credit reporting.  Signs seem to point towards the potential of a data breach, i.e., that perhaps laptop encryption solutions like AlertBoot was not used.

 

There are some conflicting reports, however.  Some covering the situation write that Tim Farrell, the company’s vice president for corporate human resources, revealed in a statement that one of the laptops had used encryption to secure information about employees and family members.  Others claim one laptop was stolen, and that it was encrypted.  Others don’t mention encryption at all.  In a rush to publish anything, people are doing exactly that: publishing anything.

 

There are salient points in the haze of confusion, though.  The first is that these devices were not lost at the airport or left in the backseat of a car.  Nope, they were stolen from their offices.  Now, a brewer doesn’t require the security levels found at, say, a nuclear weapons design plant.  However, Anheuser‑Busch being a Fortune 500 company, I don’t think I’d be off‑base imagining they at least had security guards in the lobby and doing the rounds at night.

 

And yet stuff got stolen.  The fact that these computers were laptop computers is irrelevant.  If laptops weren’t available, who’s to say that desktops wouldn’t have been stolen in their stead?  In fact, I’ve felt for a while that the only way to ensure laptop computers don’t get stolen from an office is to have something even more valuable lying around the office as bait, like an impressively intricate diamond necklace.  Of course, it’s also a ridiculous way of preventing something from getting stolen.  However, the concept of having bait lying around is certainly used to prevent random burglaries of the really expensive stuff: for example, placing a jewel-encrusted golden statuette to distract the thief from the multi-million dollar Matisse hanging from the wall.

 

The other salient point is the credit monitoring.  Now, the fact that it’s being offered indicates to me that there is a chance of a data breach occurring (although, the absolute chance of an actual breach would be quite low.  As most security professionals point out, machines generally get wiped and re‑sold).  If all of the employees data had been encrypted, then such an offering wouldn’t be necessary.

 

That’s why I encourage full disk encryption over file encryption.  Files dropped into a computer where the entire hard disk is encrypted are protected automatically.  If the computer gets stolen, the contents of that computer are considered safe, even by the most cynical security consultants.  File encryption—also known as content encryption—also feature nearly iron‑clad data security; however, individual files have to tagged for protection.  It’s not as hassle‑free as full disk encryption, and it does require human intervention—usually the weakest link in the security chain.

 

Update (Aug 5, 2008): Anheuser-Busch released some more information over the weekend.

 

 

Related Articles:

http://www.dailypress.com/news/dp-local_busch_0729jul29,0,6332846.story

http://hamptonroads.com/2008/07/burglars-get-computer-anheuserbusch-employee-info

http://www.stltoday.com/stltoday/business/stories.nsf/business/story/60ae723cb05c6ec2862574950066ec6d?OpenDocument

http://www.upi.com/Business_News/2008/07/29/Anheuser-Bush_reports_laptop_theft/UPI-33051217361567/

 
<Previous Next>

File Encryption Could Have Helped Grady Memorial Hospital To Protect Voice Files

Full Disk Encryption Is Already There When The Alarm Rings

Comments

AlertBoot Endpoint Security said:

On a previous post , I had mentioned that Anheuser‑Busch had declined to reveal details on a data breach

August 5, 2008 6:09 PM
 

AlertBoot Endpoint Security said:

A laptop with disk encryption is a safe laptop. And that’s what Anheuser‑Busch (stock symbol: BUD) has

August 7, 2008 2:21 AM
 

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.