Sunday, February 26, 2006

Stealing Data Shouldn't be so Darned Easy

Ernst and Young, the accounting giant, can now join the growing list of companies that have lost sensitive and personal data via simple property theft.

In this breaking story by Ashlee Vance of the Register: Ernst & Young fails to disclose high-profile security breach, laptops were left unsecured and they promptly disappeared.

The Privacy Rights Clearinghouse tracks data breaches: A Chronology of Data Breaches Since the ChoicePoint Incident. If you look at the reasons, stolen computers seem to be a recurring theme.

Credant Technologies did a scary survey back in October, which stated:

"Everyone knows to guard their devices when they're traveling, but the results we found about the office were quite shocking," said Bob Heard, CREDANT Technologies CEO. "What we discovered were corporate environments that are careless and even reckless with laptops, many of which contain crucial company and personal data. And the ease with which these laptops are being stolen in the workplace is stunning."

Here is the full survey from Credant:

Survey Says ... Guard That Laptop at the Office!

Technology has made all of our lives a lot easier, however it has also exposed us to a growing crime wave. In addition to using "technology" to develop countermeasures, perhaps a little common sense should be added to the equation.

It shouldn't be so easy to commit a major breach of sensitive information!

3 comments:

prying1 said...

You would think that at least some of these nitwits that allow their laptopss to be stolen would have had a bit of foresight.

Perhaps the threat of companies immediately discharging the idiots would make them think twice before turning their backs on the machines.

Meantime who suffers? Those whose info is stolen and then misused.

Anonymous said...

This kind of thing is not exclusive to user either. I know of an "IT expert" who recently left a laptop with no local admin password default user name and over 50 Client vpn connections sitting at a clients. Best part is he had no clue what he had done with it until I told him I found it.......

me said...

I agree that having sensitive information on a laptop in your vehicle isn't exactly smart. What is considered safe these days? File/file system encryption, two-factor authentication even with biometrics, RFID or access tracking measures for mobile computing. All of these measures equal cost, even at $500-1000 per machine. It doesn't "appear" to be cost effective for companies to invest in these protections until something like this happens. Even locked in your office, how safe is it really? Eventually companies will say "enough is enough" and security will begin receiving the attention it needs. But it's going to have to be something larger than someone's laptop being stolen. Until then, the
headlines will keep coming in.

Hindsight is always 20/20.