in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Hard Drive Encryption: University of Colorado Professor Laptop Stolen From Home

On July 5, a faculty member at the University of Colorado at Colorado Springs had a home burglary which resulted in the theft of two laptops, one of which contained the information of 766 students.  It hasn't been revealed so far if the information was protected via the use of laptop encryption software.

The information included grades, names, and--for 241 students--their Social Security numbers.  The data breach affects students who studied at the UCCS between 2003 and 2009.

It was noted in the embedded video at kttv.com that the university stopped using SSNs as student ID numbers back in 2005, which probably accounts for the low number of SSNs in light of the total number of students affected.

This brings to light two interesting questions:

  1. Why did the faculty member have in his laptop SSNs from 4 years ago?  If the UCCS did everything correctly, it shouldn't have been there.  Unless, of course, students who enrolled at the university in 2005 still were using their SSNs as student IDs.  If that were the case, then they would have graduated this year on a four-year program...
  2. This professor has been using the same laptop for six years?  Makes me wonder what he teaches.  Chances are it's not related to computers...

What If Encryption Software Had Been Used?

Already, there are people commenting on how the information should have been on secure servers only.  In fact, I've read a comment that states that the information should have been on "secure, non-portable servers."

I'm not sure what that means because, the last time I checked, any computer of any size can be stolen.  In a sense, they're all portable (easily carried vs. movable/"carriable").  If you want something that's not portable, you'd have to go back to 1970 when a "computer" was essentially a wired room; i.e., the room is the computer.  Nobody wants that.  A better solution may have been the use of whole disk encryption.  This would have ensured the integrity of the data.

It's very hard to blame the professor here.  I mean, he didn't have a laptop stolen from his pickup truck while he was playing a round of golf.  The computer was stolen during a break-in.  For all intents and purposes, the information on that computer was probably as well protected as it would have been in a locked room on campus.

People don't actually think that campus buildings are always better protected than residential homes, do they?  Here's proof that they aren't: thieves steal a mainframe computer (as close as it gets to non-portable computers) from a university campus (http://www.dallasnews.com/sharedcontent/APStories/stories/D99E9O001.html).

Related Articles and Sites:
http://www.kktv.com/news/headlines/51897687.html
http://www.krdo.com/Global/story.asp?S=10803897
http://www.thedenverchannel.com/news/20202794/detail.html

 
<Previous Next>

Laptop Encryption Software: Colorado City Engineer Computer Stolen While Golfing

Email Protection: McAfee Has Small (But Ironic) Data Breach Via Email Attachment

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.