in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Encryption Software Not Used In Stolen GOSH UK Children's Hospital Laptop

  • Laptop stolen from secure area in hospital
  • Password-protected
  • Encryption already being rolled out at the hospital

A children's hospital in the UK, Great Ormond Street Hospital (GOSH), has lost a laptop computer containing the details of 458 patients.  Unfortunately, the computer did not make use of drive encryption software like AlertBoot.

Branded as a "leading children's hospital" by the BBC, it looks like it was anything but when it comes to data security…or was it?

According to various articles, the laptop computer was stolen from a secure area in the audiology department of the hospital.  The data found on the laptop includes names, dates of birth, patient identity numbers, and an audiology graph.  It isn't mentioned whether other information was also on the stolen laptop.

How secure was the area?  Not mentioned.  However, if my knowledge of hospitals is any indication, we're probably talking about a locked room.  And, unlike the ER, the area was probably pretty tranquil, meaning that an opportunistic thief couldn't take advantage of the surrounding chaos to make off with the laptop computer.

On the other hand, that probably means there wasn't anyone there to stop the thief, either.

GOSH did make note that the laptop computer had password-protection in place, but I think everyone in the UK knows by now that this does not really afford security.  At least, I'm pretty sure the hospital knows.

You see, they were in the process of encrypting all laptops, and provided encrypted USB sticks to hospital personnel, the latter devices being a major cause of data breaches across UK hospitals last year.  If the hospital believed password-protection meant security, why would they go through the process? (Maybe because it's mandated by law, I guess?  But then, they'd also know why it was mandated by law, no?)

It's hard to blame them for the latest mishap, though.  Ideally, a computer would be encrypted before any data was stored on it.  However, most organizations are stuck in a situation where they have to encrypt computers that are already in use.

And while encryption itself is easy (the computer does all the work), deploying it across a network usually takes time.  Perhaps the use of centrally managed encryption software that can cut down on encryption deployment times would have been ideal for GOSH, in hindsight.


Related Articles:
http://news.bbc.co.uk/2/hi/uk_news/england/london/7860086.stm
http://www.thesun.co.uk/sol/homepage/news/article2189324.ece

 
<Previous Next>

Data Breach Cost: VA Agrees To Pay $20 Million For Lost And Recovered Laptop

Entire Hard Drive Encryption Is Just One Facet Of Computer Security

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.