in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Drive Encryption Missing On Most Computers In Chateau Office Building Theft? 60 Business Affected

The Chateau Office Building in Woodland Hills, California (billed as a landmark building by the media) experienced a "brazen" theft: approximately 60 businesses at the complex were burglarized in one night.  The thieves only targeted computers, and the case shows why the use of hard drive encryption software like AlertBoot is so important to secure computer data, even if other security measures are in place.

To say that the thieves were targeting data would be more accurate, as some of those affected have concluded.  The evidence?

  • Computers and files taken from businesses
  • Other electronic equipment still in place [cbs2.com]
  • "In one office, a pile of hard drives had been stacked in a corner, ready to be hauled out." [latimes.com]

That last one, it seems to me, is pretty conclusive.  Only people targeting data would take the time to take disks out of computers.

The office building did have security, including a guard making the rounds, as well as a security camera system.  The latter was disabled, and the guard was called away on some type of emergency.

It is believed the thieves had a master key that gave them access to all offices.

What Are The Damages?

It looks like businesses are still trying to seize up the damages, but initial accounts don't sound so good.  According to the latimes.com:

  • Credit card numbers for 7,000 clients stolen (at one business alone!)
  • Tax documents of 800 clients (probably includes SSNs, possibly bank account info)
  • An attorney's computer contained "all kinds of stuff."  (names, credit cards, e-mails, etc.)

Based on the stories covering this breach, it looks like the damages will be extensive.

Hard To Get To The Information? Unlikely

The latimes.com has quoted a victim who stated that password-protection was used on his computers, so "it's not going to be easy to get [to that sensitive information]."  I'd disagree with this assessment.

It is common knowledge among computer and security professionals and enthusiasts that password-protection does not live up to its name.  The easiest way to get around it?  Hook up the hard drive with password-protection to another computer.  Getting the wires is probably the hardest thing: driving 10 miles to the nearest computer store and plunking down $25.

Of course, password-protection would work in those cases where the thieves don't know much about computers (and even then, they could just google the process).

My question is this (and it's a rhetorical one): does the above story sound like the work of some guys who don't know much about computers?

At this point, I'd say the only business owners who can sleep well at night will be those who had used full disk encryption to secure the contents of their hard drives, or those who had used file encryption software to protect just the important files.

California Encourages The Use Of Encryption Software

And the use of encryption software would have been especially useful for other reasons, too.

California is a state where the use of encryption gives business a respite from having to alert those who are affected by a data breach.  I mean, you lose a bunch of computers, and now have to mail out letters to 7,000 customers?  And lose those customers?

Often times, the use of encryption is not just about protecting your customers' data--it's about protecting your business as well.

Related Articles and Sites:
http://www.contracostatimes.com/california/ci_12233315?nclick_check=1
http://www.sfgate.com/cgi-bin/article.cgi?f=/n/a/2009/04/26/state/n183933D66.DTL
http://www.databreaches.net/?p=3291

 
<Previous Next>

Data Encryption On Medical USB Drives From Kaiser Permanente

Managed Data Encryption Service: IRS Shows How Going It Alone Takes Forever

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.