How To Protect Your Precious PC Data: From Physical Security To Encryption - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
2/8/2007
11:00 AM
David Strom
David Strom
Features
50%
50%
RELATED EVENTS
[Cyberattacks] Using Data as Your First Line of Defense
Aug 10, 2017
Attend this webinar to learn how you can determine which threats pose the greatest danger to your ...Read More>>

How To Protect Your Precious PC Data: From Physical Security To Encryption

With computer and data theft on the rise, protecting your laptop or flash drive is more critical than ever. Fortunately, there are steps you can take, along with an array of encryption and security tools.

Data security has been in the news a lot lately, as a result of some high-profile corporate losses and thefts of laptops, USB flash drives and other data storage equipment. As more users rely on laptops for their main computers, the chances increase that more PCs will be lost, stolen, or damaged. And this means that the potential for data loss or abuse is high and continues to grow.

Actually, even desktops aren't safe. As PCs get smaller and more powerful, their hard drives can be used to store large databases on them -- information that makes them potential targets for theft. "All the big guys in financial services have been investing heavily in disk encryption for laptops, desktops, and portable devices," says Ralph Figueiredo, a sales manager with Aurora Enterprises and a data security consultant. "They are worried about internal theft of systems from their offices as well." One of his clients in Southern California recently had the CEO's desktop PC stolen from the office, complete with personnel and project records. Two weeks later, disk encryption was deployed on all of the managers' PCs and policies were set up for encrypting USB flash drives.

Clearly, stealing only the CEO's desktop points to an inside theft, but that doesn't change the fact that now is the time for IT managers to protect their corporate PC data. Ideally, this protection should be part of a comprehensive security strategy that includes traditional perimeter defenses such as firewalls and antivirus tools. "Corporations can be tighter than Fort Knox with their firewalls, but [they] don't consider how easy it is for someone to walk into their office, lift a machine, and walk out the front door," said Figueiredo.

Fortunately, there are a wide array of encryption and security tools that can mitigate this potential disaster, including some free or low-cost solutions.

A recent CSI/FBI survey of IT administrators has found that 46% of the respondents had to deal with stolen laptops in 2006, with the average loss over the year increasing from $19,562 per respondent in 2005 to $30,057 per respondent in 2006.

Growing Problem

"Just about everyone that we speak to these days knows about a stolen laptop situation personally," Figueiredo says. "It certainly is more prevalent when compared to two years ago." It also is easy to find news reports that are filled with reports of stolen laptops or missing USB flash drives with sensitive data.

In 2006, a few of the many incidents of laptop theft resulted in the release of personal information from more than 540,000 N.Y. state workers>, 4,600 ROTC scholarship applicants, 13,000 Washington, D.C., ING retirement plan participants, 2,500 Equifax employees, 196,000 HP employees in a Fidelity benefit and defined contribution plan, and 17,000 patients of Mount St. Mary's Hospital in Buffalo, N.Y. An average of nearly one incident of data theft is added each day to the Attrition.org database that keeps track of such events.

In perhaps the most notorious case last year, the U.S. Veterans Administration lost a USB hard drive and a laptop with more than 26 million records. Fortunately it was recovered, apparently without any data having been accessed.

Some companies are repeat offenders. Boeing Corp. has had three notable laptop losses over the past several years, with each machine carrying critical personal information. This happened despite a corporate policy to not place sensitive information on a laptop without some form of encryption. The last loss caused the employee to lose more than his data; he was fired for violating company policy.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll