Here’s an interesting progression in how to address the growing data breaches that occur largely from ignored, overlooked, and/or inadequate security practices…
Archive for the ‘Lost & Stolen Laptops’ Category
The Ponemon Institute seems to have been busy doing surveys throughout the world recently!
According to three separate research surveys they did in the U.S., Canada and the U.K. they report within the BNA Privacy and Security Law Reports (subscription required) about “The Human Factor in Laptop Encryption” many interesting findings. The following are some of the high-level summary statements; see the full reports for some very interesting statistics and analysis:
Okay, this story begs the question, why didn’t someone at the Naval Research Laboratory notice disappearing equipment…?
I’ve been doing a lot of work with data retention and disposal policies and procedures lately, remembering the silly things I have read about with regard to organizations getting rid of their computers, such as selling their computers on eBay when they no longer need them…without removing the information! This is certainly not a phenomenon that is confined to the U.S.
Lo and behold, another situation has happened where an organization sold their old computer on eBay…for a bargain at £77 ($141), and it contained a a huge amount of personally identifiable information (PII), including credit card applications, on what is reported to be as many as over 1 million customers. Here are a few excerpts from the report in Forbes…
My good friend Alec sent me some great links to statistics about the numbers of laptops lost at airports each year…thanks Alec! 🙂
Here they are…
Geesh, every single day there is at least one news report about a stolen or lost mobile (laptop, notebook, PDA, Blackberry, etc.) computer! Today one of the reports was about a laptop computer, containing cleartext information about 11,000 hospital patients, that was stolen from a doctor’s home in Staffordshire, U.K.
A couple of days ago I posted the first section from the second article in my “IT Compliance in Realtime” journal issue for June.
Here’s the second section from that article…
Every day, literally, I read news reports about lost or stolen laptops. Today is no exception. The news report, “A Misconfigured Laptop, a Wrecked Life,” chronicles how one man had his first work laptop stolen, and then he was fired when the second work laptop he was issued as a replacement was found to have pornography on it…either it was pre-loaded when he got it, or lack of prevention software allowed someone to remotely load it on his computer while he was online.
Yet another in a long procession of laptop thefs, “Stolen laptop contains personal info of 2,500 patients“.
Here are the first few paragraphs…
Yesterday CNN reported the results of the FORTUNE 2007 survey of business people for the companies, in any industry, they admired most.
The rankings were based upon 8 key score areas:
Saturday, 2/17/07, it was widely reported that the U.S. Veterans Affairs (VA) was suspending “activities at seven specialized research centers across the country after an unprotected computer hard drive disappeared from one of the facilities in Alabama last month.”