|
Marks and Spencer laptops should have been encrypted to protect critical data
It�s been a busy month already� especially if you are an IT manager or security officer, as it seems the run up to the long Bank Holiday weekend brought about no-end of security warnings. The theft of a laptop from Marks and Spencer has left 20,000 staff at risk from identity crime, and this comes after a report from silicon.com that showed laptop theft has significantly risen since in the last year according to 28 UK police forces. Both of these incidents follow high profile laptop thefts at Nationwide, Metropolitan Police, Serco and Worcesteshire Country Council, and goes to show that the UK�s workforce are lax when it comes to data and hardware security.
In a recent survey of its own, SafeBoot (a leading provider of mobile data encryption tools), found that nearly a quarter of workers had lost their laptop or had it stolen, with nearly one in four of these having lost it more than once. This suggests that the 29 million workers in the UK are walking security hazards and shows why the Home Office has calculated the cost of identity theft to the British economy has been some £1.62bn during the past three years.
Tom de Jongh, Product Manager at SafeBoot offers some advice to businesses looking to mitigate the risk workers pose: �It is a simple message � losing a laptop is not a problem if your data is encrypted. If you have a secure identity management system in place then the only thing you lose is the value of the laptop and not allowing hackers access to critical information on your system.
�These stories make disturbing reading for organisations that let their employees walk out of the office everyday with a company laptop under their arm. It also raises the question about whether companies are doing enough to encourage their employees to understand the security on their laptops and educate them about the consequences if safety is breached or compromised. Would people be happy to let someone walk into their home and just walk out with their computer? No, so why let this happen at work. Businesses need to show a little more common sense and protect corporate information. �
�Why companies like Marks and Spencer do not have such protection in place is incredible considering how much they stand to lose now that a laptop has been lost. The key is having a bit of common sense � if you make the data impossible to read, then it is safe. Implementing an organisation-wide security policy which ensures that all devices (laptops, PDAs and USB sticks) are encrypted, and educating workers that all information stored on their hardware is encrypted, is of paramount importance to any company especially those entrusted with the public�s money.�
Here are a few tips from SafeBoot to help businesses protect their laptops:
1 � Tablet PCs, laptops and desktop PCs should always use Full Hard Disk Encryption to protect all data stored on them � failure to do so is like leaving the keys in your car ignition!
2 � PDAs are easy to lose and steal, so better be safe than sorry. Make sure you use PDA Encryption to protect sensitive data stored on your PDAs and its removable media cards.
3 � Corporate networks are alive with �illegal� devices, such as iPods, personal PDAs and USB sticks. Ensure that Device Control software is deployed to control these devices and their accessibility.
4 � USB sticks are great for storage, but are a security nightmare � they can be used for corporate espionage (extreme case) or easily lost. Use hardware encrypted USB data storage devices to protect sensitive data and keep your company safe.
5 � Finally, file servers are at the heart of any business. Protect and control the data stored on your file servers by using group and user based persistent File & Folder Encryption protocols.
[ Back To TMCnet.com's Homepage ]
|
Find Solutions for Enterprises, SMBs & Service Providers at the INTERNET TELEPHONY Conference and EXPO West, September 16-18, 2008. Los Angeles, California.
