in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Disk Encryption: 17 Iowa Department of Human Services Computers Stolen

According to the desmoinesregister.com, a total of seventeen computers were stolen over two nights at the Iowa Department of Human Services.  The computers, thankfully, were only used to access a central database, so there wasn't any personal information saved on them.  Plus, each one appears to have been protected with drive encryption like AlertBoot.

Faulty Locks?  A Guy with a Master Key?

When 9 laptops disappeared into the night on September 25, police have found that the door to the office was not forced.  Because there had been issues with the door closing properly, a warning was given to employees that they should check whether the doors locked correctly before leaving for the day.

The next day, an additional 8 laptops were stolen.  All signs indicated that the doors were locked correctly.  Since then, the door lock has been changed and the county is looking to replace it with an electronic-key entry system.

Computers Protected

All of the stolen computers were encrypted.  However, it appears that the spokesperson for the department of human services wasn't too keen when it came to encryption software.  First, he noted that each computer was password-protected.  It was only when I read the following that I was certain encryption was used.

"If the correct password and user name was entered into any of the stolen machines, the encryption system would shut down the stolen machine. Literally, the operating system would be instantly erased."[desmoinesregister.com]

The above is a characteristic of disk encryption software.  That's not to say that all disk encryption software suites have the ability to do the above.  However, I know of no password-protection software that will delete information on your entire disk.  How does it work?

Well, to begin with, a little clarification: it's easy to confuse password-protection and encryption because the two, from the point of the computer user, look the same: there is a field where you enter a username and a password.  If you don't provide the correct one, you don't get in.

That's where the similarities end, though.  With password protection, there are easy, well-documented methods to get around it without providing the correct credentials.  Encryption does not suffer from such weaknesses.  Now, on to how encryption can delete your computer's contents.

Automatically Deleting Data on Encrypted Machines

Full disk encryption -- where the entire disk's contents are encrypted, regardless of what's stored in it -- literally encrypts a computer's entire hard drive.  Since the operating system is also stored in the computer, it is encrypted as well.  Problems related to starting up the computer are solved by using "power-on user authentication" (POA; it looks like, surprise, a password-prompt) that will, upon receipt of the correct username and password, allow the OS to start up normally.

With literally everything on the disk encrypted -- and encryption being, for the lack of a better term, the randomization of data, i.e., unstructured data -- you can "delete" data by losing the encryption key.

The encryption key is the secret sauce that takes plain text and turns it into a jumble of words, and reverses the process when necessary.  If you lose this key, you lose the ability to transform the jumble into meaningful data.  So, the Iowa Department of Human Services computers are programmed so the key on each computer is deleted after three incorrect log in attempts.


Related Articles and Sites:
http://www.desmoinesregister.com/article/20111124/NEWS/311240065/-1/gallery_array/17-computers-stolen-from-DHS-during-separate-burglaries-remains-mystery

 
<Previous Next>

Crazy Like A Fox: Online Bingo Raises ICO Custodial Sentence Issue

Data Encryption Software: Southwark Council Avoids Penalty

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.