jump to navigation

Approximately 175,000 laptops are lost each year in European airports May 22, 2009

Posted by Nikk in Information Security, Information Technology.
Tags: , , , , , , , ,
trackback

Approximately 175,000 laptops are lost each year in European airports.  A large percent of those laptops contained confidential company information.  (The US reports over 600,000 lost per year)

  • Heathrow-900 a week
  • Amserdam-750 a week
  • Paris CDG-733 a week
                 Laptops lost per week in top 3 European airports

 

Laptop loss is a major issue for many organizations, whether you are talking about the data contained or the cost of replacing the physical asset.  FDE (Full Disk Encryption) will not solve the inventory management portion of this problem, but it could keep you from becoming the next data breech headline.  FDE could be part of the solution.

By adding FDE to your enterprise Defense in Depth infrastructure, your organization can mitigate some of the risk.  Container level encryption is also interesting, in an enterprise level environment but you need something more. Some would argue for container level encryption and that the average user should know and take responsibility for the data contained on their PC/Laptop, and to ensure its proper placement in an encrypted area of the HD. In a perfect world this is what would happen.  But how should a user be responsible for data classification?  I’ve yet to see more than a few industries that even have a data classification scheme let alone FDE or even container encryption.   I’m a firm believer in making sure that the users experience is as easy as possible.  A balance between strength of security and ease of use must, therefore, be sought. If you’re making your customers (users) life more complicated, it will make gaining their acceptance much more difficult. 

 Various regulatory requirements such as the EU Data Protection Act; SOX, PCI or numerous others “help” (these don’t always require encryption) to ensure that some type of protection is keeping the data safe and secure.  Now while FDE isn’t the answer to your midday prayers, it certainly adds a very real and affordable layer of protection.  For those who see key management as a potential obstacle, a modicum of forethought and a solid architecture will ensure success.  As is often the case, it’s not the technology itself which hinders the implementation; rather, it is building the process to support the technology which requires the most attention.

Link to comparison of disk encryption software

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: