AlertBoot Endpoint SecurityAlertBoot Endpoint SecurityEndpoint security blog focusing on data breaches and losses at various companies and how such the catastrophic consequences can be avoided with the right security software. Articles
NIH Loses Laptop Computer Without Hard Disk Encryption: Some Thoughts
2008-03-26 06:14:00 I blogged last night (much sooner than the mainstream media, it seems like?I know I didn?t see too many other articles at the time) about how the National Institute of Health had reported that a laptop with patients? data was stolen. At the time I said that it affected 2500 people and that the blame shouldn?t fall just on the researcher who lost the laptop. I also suggested that an encryption solution that allowed easier auditing, like AlertBoot, may have reduced the chances of something like this happening. Well, I woke up today to find nearly two hundred new articles covering the situation, according to Google News; and as of right now, there are lots of comments on those articles. I?d like to offer my thoughts on some comments that have popped up in all the excitement. The Feds are incompetent. They?ve lost stuff without fail. Besides the NIH thing, there were two VA incidents, the backup tapes, the? OK, so the federal government has problems... More About: Encryption , Laptop , Computer , Disk , Thoughts
NIH Loses Laptop Computer Lacking Hard Disk Encryption
2008-03-25 06:16:00 The National Institute of Health has reported that a laptop with patients? data has been stolen. The theft took place about a month ago, but the incident was not made public until today. Approximately 2500 patients may be affected by the latest data security breach, since the laptop in question did not feature full disk encryption. The information in the laptop included names, medical diagnoses, and details of the patients? hearts. Information that would be readily useful to identity thieves?such as Social Security numbers, phone numbers, addresses, and financial information?were not included. (Question: why would financial information be collected for a heart study?) Regardless, the incident is being considered very seriously because it represents a violation of the government?s data protection policy and a violation of patients? privacy. The latter is self?explanatory. Doctor?patient confidentiality exists for many reasons, includi... More About: Encryption , Laptop , Computer , Disk , Hard
Agilent Surprised Full Disk Encryption Lacking On Stolen Laptop Computer
2008-03-25 06:12:00 Vindu Goel at the San Jose Mercury News has been keeping track of a story involving the theft of a laptop computer containing the personal data of 51,000 current and former employees of Agilent Technologies. The data breach includes names, Social Security numbers, addresses, and company stock?related information. In their letter to employees, Agilent put the blame on a vendor, the aptly named Stock & Options Solutions, referred to as SOS in Mr. Goel?s articles. (Anyone foresee that the name would backfire on them? Show of hands, everyone.) SOS was hired to make sure that Agilent?s former money management firm, Smith Barney, correctly transferred employee stock data to Fidelity Investments, the new administrator of Agilent?s employee stock program. I don?t know what SOS needed to do specifically but, based on subsequent events, it?s clear that they required employees? personal data. Agilent concurred, though on the condition that SOS sa... More About: Encryption , Laptop , Computer , Disk , Stolen
Indiana VA Arrests Laptop Theft. Still Doesn't Know Whether There Was Full
2008-03-22 07:00:00 A former patient has been charged with the theft of a laptop from a VA hospital last November. If you?ll recall, the Indiana polis VA center found itself short of a laptop, two desktops, and assorted peripheral equipment. The items were stolen over Veterans Day weekend, ironically enough. One of the stolen computers contained information on nearly 12,000 veterans. The thief was identified from surveillance video recordings and has been apprehended; however, the laptop containing sensitive data has not been recovered. I?ve heard how insiders pose something of a higher risk when it comes to security breaches, but this certainly is a twist. When the story broke initially last November, there were some conflicting reports on the state of encryption on the computers. Initially, it was reported that there was no encryption. Later, the statement was amended to ?there may be encryption.? Even now, with suspect under arrest, they still do... More About: Laptop , Arrests , Full , Theft
Georgia Getting It Only Half Right: Not Getting Hard Drive Encryption
2008-03-21 06:04:00 The Department of Human Resources (DHR) in Georgia has alerted current and former employees that the department has experienced a data breach. The incident took place on March 19, when it was found that an external hard drive containing names, Social Security numbers, birth dates, addresses, and federal tax information went missing. One must applaud the DHR for responding swiftly to the data breach. Not only have they alerted their employees only a day after the breach itself, they?ve already contacted the three credit bureaus to sound the alarm, and are already conducting an internal investigation. However, there are reasons for concern on how the DHR is approaching the situation. Supposedly, the DHR has instituted a new directive, right after the incident, requiring password protection on external drives, including USB flash drives, as well as ordering employees to physically secure items when away from their desks and offices. There is nothi... More About: Encryption , Drive , Hard , Hard Drive
Hard Drive Encryption Could Help Aussie Government Avoid Data Breaches
2008-03-20 05:51:00 The West Australian is reporting how second?hand computers sold by the government may lead to data breaches. An audit of disposed government computers?via donations, sales, and auctions?showed that sensitive and confidential information could be found in four out of ten computers. The information ranged from salaries and other details of public servants to government projects. As pointed out by the auditor, the information found on these second?hand computers could be used as the foundation for successful social engineering attacks, allowing criminals to carry out fraudulent activities. The computers tested cost anywhere from $2 to $180 (I?m guessing Australian, which is currently pretty much at par with the US dollar). If one does the math, then, $20 to $1800 will land you about four computers with sensitive information; information that could be exploited to net gains tens of times, potentially thousands of times, more money than the initial ... More About: Government , Encryption , Drive , Data , Hard
Insurance Company Suffers Data Breach. Considering The Use Of Device Encry
2008-03-19 06:36:00 Starling Insurance and Associates, a Colorado?based company, is notifying their customers that their personal data may be compromised, including Social Security numbers, dates of birth, drivers license numbers, account information, and names. The data breach appears to have occurred earlier this month, and those affected were notified beginning March 5. A letter to the Attorney General of New Hampshire shows that the data breach was caused by the theft of a server from a locked office, and while the computer in question had password?protection (a misnomer, in such cases), there was no encryption in place to protect the data. Currently, it appears that the company has no idea how the data breach came to be, or what kind of information was actually lost, as they are in the process of reconstituting the information from backups. However, they?re pretty sure that some or all of the information listed above are included in the lost server. What more could ... More About: Company , Data , Device , Breach
Hannaford Suffers Credit Card Data Breach. Could Their Drive Encryption Pr
2008-03-19 06:27:00 Hannaford supermarkets has been alerting their customers that there has been a data breach of credit card and debit card numbers. The statement that they?ve released made an emphatic point to let the public know that the information breach concerns those numbers alone, and does not extend to other personal information such as names and addresses, which Hannaford does not collect. And good for them, too: personal data collection and retention was one of the root problems following the TJX data breach a little over a year ago. Hannaford has also pointed out that they?re using the latest encryption protocols which are in compliance with PCI. In fact, they were certified as PCI compliant last year and recertified just this past February. However, 4.2 million credit card and debit card numbers were exposed in a breach that lasted four months from December 7 to March 10. About 1800 cases of fraud have been linked to the breach. Law enforcement a... More About: Encryption , Card , Credit , Drive , Data
When Drive Encryption Or Other Security Measures May Be Needed?
2008-03-18 06:57:00 It?s the sign of the times. The Age in Australia is reporting how thieves burglarize a home once they get their hands on a stolen GPS device from a car. In a way, it makes sense. Once a thief steals a GPS device from a really nice car (and if he?s pretty sure it?s not a rental), logic would lead him to believe that the victim?s home would have nice things, too. To confirm the above, the thief can just power on the device and check the target area. After seeing whether ?home? is in a nice residential area, he can weigh his options regarding an encore to his current law-breaking ways. It certainly is convenient for the criminal. And the above is not a what?if scenario. The Age was prompted to report on this because homes in Britain were being ransacked via this method. In fact, what the burglars do is figure out how far away from home the victim happens to be. Then, they make a beeline to burglarize that house knowing a) the... More About: Security , Encryption , Drive
Fingerprint Readers On USB Memory Sticks No Match For Device Encryption
2008-03-15 05:12:00 Heise Security is reporting that they?ve managed to bypass security in the form of fingerprint readers found on some USB memory sticks. Such fingerprint readers are growing in popularity due to the increasing awareness for protecting confidential information and a way to easily remember passwords. Fingerprints offer an ideal solution, or at least appear like one on the surface. The hack requires the use of a freely available open source software. Again, it affects only certain particular fingerprint readers found on USB flash drives, so it may not apply to the fingerprint reader on your USB drive, if you have one. Heise?s recommendation is to either purchase a flash drive with a working fingerprint reader or, better yet, use a normal USB drive but encrypt its contents. In many ways, the fact that fingerprint readers take a back seat to encryption shouldn?t come as a surprise. If you?re a Mythbusters fan, you?ve seen how easily some scanner... More About: Encryption , Memory , Readers , Match , Device
USB Device Encryption Lacking In UK Police Memory Stick Loss
2008-03-14 06:14:00 Police have recovered a missing USB memory stick containing confidential information, according to an article at The Comet, a newspaper in the UK. The portable disk drive had over 330 megabytes of data, and was found by a passerby in the town of Stevenage, lying in a gutter in front of a betting house, of all places. The passerby picked it up and found that he could access the contents. The information on the flash drive contained the names, addresses, and convictions of offenders. The police confirmed the loss of the flash drive and its subsequent recovery. In all, the device was missing only a few hours. They also added that the information residing in the memory stick related to criminals in the area and their vehicles. An anonymous insider further revealed that the information was top secret and would have compromised covert operations underway for months, even years. The criminals in question ranged from the mundane, such as motor vehi... More About: Encryption , Memory , Police , Loss , Device
Full Disk Encryption Pending Better Inventory Management?
2008-03-13 05:50:00 Or, rather, in anticipation of inventory mismanagement. I was trolling through the New York Times business section when I happened upon an article about a new type of barcode scanner for inventory management. But what caught my eye were the asset management problems that supposedly over half of Fortune 500 companies have when it comes to computer equipment. Granted, it?s all anecdotal, but according to the article, a manager at an insurance company had to write off $600,000 because he couldn?t locate 300 computers, purchased just three months before. At another company, computer assets are thrown out when an employee leaves because they have no way to effectively store, keep track, and reuse those assets. A report from Gartner supposedly found that only thirty percent of Fortune 500 companies have advanced systems to keep track computer equipment. From a data security standpoint, this is not a big deal if only brand new computers are s... More About: Encryption , Management , Disk , Inventory , Full
Stolen Laptop Recovered. Data Breach May Still Be A Real Possibility
2008-03-12 06:02:00 A laptop computer carrying the information of 3,500 teachers in California has been recovered. It was stolen about a month ago from a printer that specialized in printing customized benefit statements for district employees. The stolen computer was not encrypted nor was there any other type of data security measure in place. As I recall, not even the common ?password protected? statement was not included when the issue was reported. Well, it turns out that those involved had been hiding a key detail. There was something installed on that laptop as a contingency to theft. It doesn?t ensure data security, however. What was installed on that laptop was tracking software: once the stolen laptop comes on?line, the location of the machine can be tracked via the internet. Although I don?t have hard numbers to back it up, I?ve heard the recovery rate of such machines happens to be quite high, relatively speaking; however, there are a couple o... More About: Laptop , Data , Stolen , Real , Breach
MTV Security Breach Affects 5000 Employees
2008-03-11 06:32:00 MTV Networks, owned by Viacom, experienced a data breach this Friday, and five thousand of its employees may have fallen victim to the socially?engineered attack. While MTV is trying to find out what exactly happened, the information so far indicates that an outsider successfully convinced an MTV employee to download a Trojan to be installed in a company computer. Once installed, the hacker was able to access the computer and gain entry to employee data stored on that machine, including SSNs, birth dates, salaries, and names. Based on the articles covering this story, it seems the employee data was secured with a password, although there is no mention of encryption at all, so one can assume none was employed. In instances like this, it matters what kind of encryption one has. Generally, whole disk encryption is recommended for computers, be they laptops or desktops, since companies such as Viacom already have effective measures in place to protect the... More About: Security , Employees , Breach
Can Data Breaches Be Expected From Bankrupt Mortgage Lenders?
2008-03-08 07:20:00 The stock market is in a tumult. Actually, it has been for about a year, ever since the subprime fiasco (anyone take a look at Moody?s performance over the past year?) Now that that particular issue has been beaten to death, other mortgage?related issues are cropping up. Most of the stuff covered in the media is financial in nature, but some of those mortgage?related issues do concern information security. It?s no secret that there are plenty of companies in the US that discard sensitive documents by dumping them unceremoniously: leave it by the curb, drive it to a dumpster, heave it over the walls of abandoned property, and other assorted mind?boggling insecure practices. In fact, MSNBC has an article on this issue, and names numerous bankrupt mortgage companies whose borrowers? records were found in dumpsters and recycling centers. The information on those documents include credit card numbers and SSNs, as well as addresses, names, and other in... More About: Data , Mortgage , Lenders , Bankrupt
Kraft Laptop Theft Affects 20,000 Employees
2008-03-05 16:01:00 Kraft Foods has announced that a company laptop was stolen from an employee back in January. The theft has affected approximately twenty thousand employees nationwide. The affected group has received letters stating that they should be on the lookout for identity theft attempts. It?s hard to believe that Kraft is still having such problems. Prior to being spun off from Altria last year, Kraft Foods had been involved in a couple of information security breaches. In December 2007, eighteen thousand Altria employees were affected by the theft of five laptops from a pension consulting firm under contract with the company. Altria was not at fault, but the case should have been a wakeup call for the tobacco and food giant. And before that, there was an ID theft ring operating since the late 1990s that only used stolen Kraft Foods employee information for their crimes. It did not end until 2006, when one of the principals was arrested for a... More About: Laptop , Employees , Theft
Data Breach: A Stolen Laptop Without Any Data Becomes A Case Of Potential S
2008-03-03 14:24:00 Let?s say you?ve got a laptop. Because you?ve got the correct data retention policies in place, and you follow them to a ?T,? you ensure that there is no significant data stored on the computer. That is, no sensitive or personal information like SSNs and other forms of ID are stored. Plus, you ensure that any temporary files are erased. Let?s also say you use an application that does multiple writes over unused hard drive space, nearly eliminating any possible data breaches from advanced data extraction techniques. And, of course, you also ensure that sectors are written over multiple times whenever a file is deleted. (It?d be weird to find someone do the former without doing the latter.) In other words, if someone is not working on that laptop, there is no data. Ergo, if a thief steals that laptop while no one?s working on it, you can?t have a data breach; there is no data. No data breach means everything?s cool. Right? ... More About: Laptop , Data , Stolen , Case , Breach
Laptop Encryption Saves The Day In Stolen UK Laptop And CD eBay Sale. I Sa
2008-03-01 07:32:00 Several sources are reporting that a CD and laptop from the British Home Office got sold on eBay. The Home Office, also known as the Home Department, is that part of the government responsible for internal affairs: security, crime, counter?terrorism, border security, things of that nature. A complete list is available on Wikipedia, if you?re interested. Fortunately, and some may point out it should be expected (but we know how that works out), both the laptop and CD were encrypted. But the circumstances under which they were found are troubling, and makes me wonder about the other information security breaches over the past six months. A laptop was bought on eBay. The winner took the laptop to a service center because it wouldn?t work. So, a technician pops open the keyboard portion to take a look?that?s how you get to the innards of a laptop?and there?s a CD jammed between the keyboard and the motherboard. The CD is labele... More About: Encryption , Laptop , Ebay , Sale , Stolen
Data Breach And Espionage Fears Overblown: Petrobras Recovers Stolen Disks
2008-02-29 07:58:00 A couple of weeks back I picked up on an article that had the Brazilian government mobilizing its intelligence and police forces to recover stolen laptops and hard drives. The devices stored data on recently discovered oil and gas fields found off the coast of Brazil. The loss of data led to much speculation on who could have done it and why, including whether it was a case of industrial espionage. I pointed out at the time that I couldn?t see how spies would make use of any stolen data: oil fields hundreds of feet beneath the sea surface are not something you can steal. (On further thought, perhaps the data will be useful if the rights to pump parts of the field are auctioned off or something. I mean, who wants the risk of pumping the wrong part of the field, eh?) I also pointed out that all the furor would be moot if the laptops and hard drives in question had been encrypted using advanced encryption like AlertBoot. Well, it turns out th... More About: Data , Stolen , Breach , Espionage , Fears
Mobile Device Protection: Encryption For Those Times When Disaster Hits?Lik
2008-02-29 07:25:00 Fairfax County police in Virginia have busted a small theft ring that was operating out of a Life Time Gym. (My interest was piqued because I read that as LifeTime Gym. I don?t know what I was expecting to see. Wronged women bulking up to enact revenge on their wayward husbands, I guess.) By the time the ring was busted, police found in the thieves? possession ?33 iPods, seven BlackBerries, three Treos, two cell phones, a Nokia PDA, two Apple TVs, 24 Toshiba disc drives, two digital cameras, a Dell computer, a credit card, 33 bags of marijuana and three digital scales.? [connectionnewspapers.com] That?s a heck of a haul. And also, let us remember, this is what was found at the end of the investigation. I?m sure that there were plenty of other things that were sold off prior to the thieves getting busted. BlackBerries, Treos, PDAs, computers, disk drives?these are all products that, traditionally, have been used by business people, although thei... More About: Mobile , Encryption , Disaster , Times , Device
Healthcare Organizations Say Incidents of Data Breaches Growing. Secure In
2008-02-28 07:47:00 Healthcare organizations are beginning to feel the heat. First, there is the surprise HIPAA security audits the Feds are planning on conducting. I already blogged about it before, and how it was just a preliminary one. The exercises to be conducted this year are to figure out how to approach such audits, and affect a list of pre-approved medical centers (pre-approved because they know the audits are coming. It?s not a total surprise). However, once the preliminary studies are conducted, the results will be used to expand the audits nationwide. Unlike the past decade since the law took effect, auditing will be performed to ensure HIPAA compliance. What?s worrisome, though, is the growing feeling that healthcare organizations are being targeted for information and data theft. It?s not big, not yet. However, there are signs that the problem is growing. A networkworld.com article quotes Secure Works as seeing an 85% increase i... More About: Healthcare , Data , Growing , Organizations
Government Conclusion: Irish Bloodbank Did Not Breach Data Protection Act B
2008-02-28 07:38:00 Irish Blood Transfusion Services did not breach the Data Protection Act when their donors? information got stolen earlier this month. Or rather, when the laptop containing their donors? information was stolen. The Data Protection Commission found ??that the encryption in place on the laptop was sufficient to ensure that there is only the remotest of possibilities of access taking place to the personal data in question.? Plus, they also investigated to make sure that the usernames and passwords to decipher the encrypted information was not stolen along with the laptop. Veryfing that the keys were not, say, written to a post-it and stuck to the bottom of the device, I assume. So, how remote are the possibilities of someone breaking the encryption? Well, it depends on two factors: the strength of the encryption key itself and the strength of the passwords. The encryption key is what is actually used to scramble the information on the laptop.&nbs... More About: Government , Irish , Breach
Medical Data Security Growing Problem In Years To Come
2008-02-16 06:56:00 The Government Technology site has an article by Jim McKay about the growing problem of medical insurance fraud. Medical insurance fraud accounts for only three percent of US healthcare costs, which currently translates to about $60 billion, and of that, 1% is attributed to medical ID theft?which is quite sizable when you look at the resulting number: $600 million. Some of the stats he?s revealed are quite eye?popping, and I can see why so many people think things will become a whole lot worse before becoming better in this particular type of ID fraud. Supposedly, medical IDs exchange at $50 per record compared to $1 for SSNs. I imagine this is a result of market forces: medical insurance scams pay $20,000 on average, ten times the payout for regular ID thefts. Plus, such scams are apparently harder to stop on time because most people don?t check their health insurance bills. Some of the cases McKay has detailed are quite brazen on the part of t... More About: Security , Data Security , Data , Problem
Laptop Security: 5000 Patient Records In The UK Stolen. Data Encryption No
2008-02-15 07:59:00 Thousands of UK patients have had their information compromised by the theft of a laptop from Russells Hall Hospital. The laptop was stolen on January 8 but affected patients are being notified only now. The authorities were alerted at the time of the theft. The hospital has tried to reassure patients that their data is safe, since the database containing names, addresses, dates of birth, and medical details was password?protected. However, trust chief executive Paul Farenden also admitted that the laptop has not yet been fitted with a new data security system that is currently being implemented to the tune of £350,000. When such details are revealed, uncomfortable?and in my opinion, sometimes unfair?questions tend to be asked. Such as, ?well, if the data is so secure, why do you need a new data security system?? The conclusion is obviously because the current data security system is not as secure as one would like it to be. After al... More About: Security , Encryption , Laptop , Data , Stolen
Computer Security And The Media: The Loss Of Three Laptops Pushes My Pet Pe
2008-02-15 07:54:00 I?m reading a short article on The Republican about the theft of three laptops from a Massachusetts School Department, and one of my pet peeves was included. The following statement really gets me: ??the computer was password protected and he doesn't believe identity theft was planned.? Now, the password?protected part, I understand. Mentioning password?protection is part of the game to reassure the public and those potentially affected by the theft, despite the fact that it doesn?t really mean squat in terms of protection; it?s about as secure as hoping a burglar doesn?t notice the door to your safe has been left ajar. I?ve come to accept that no matter how distasteful I find it?mostly because the password?protection spiel perpetuates the myth that there is protection?it will be part of the game for some time. Of course, that doesn?t mean I?m not going to rant about it now and then. However, the part where it says that identity theft was n... More About: Security , Media , The Media , Laptops , Computer
Administrative Systems, Inc. Reports Information Security Breach On 200,000
2008-02-13 06:34:00 The site pogowasright.org has a follow up on a small article that I saw yesterday. It looks like someone who was affected by Administrative Systems , Inc. (ASI) computer theft got in touch with the privacy?championing website. The original article, while short, had made a couple of things clear. A desktop computer was stolen from ASI?s office back in December. Because ASI provides administrative services for insurance and other financial services companies, it handles sensitive information including names, dates of birth, mailing addresses, and Social Security numbers. The website ASI set up to disseminate information announced that credit card information or driver?s license numbers were not included. They did not mention whether the stolen desktop computer was encrypted or not, but I would bet a pretty penny that it probably wasn?t. Those possibly affected were contacted via mail. That was yesterday, and it was one of various data b... More About: Information , Information Security
Army Laptop With Secret Information Left Behind In A Pub: Information Secur
2008-02-13 06:31:00 The Sun has come into possession of a military laptop computer with personal details of more than 200 soldiers?including their training, relocations (I think that?s what The Sun meant), and weapons store locations. Plus, it contained the names of spouses and children, and letters of recommendations and disciplinary issues. The Sun points out the data was not encrypted, something that can be done easily (and quickly) using AlertBoot, for example. Based on the snapshot they have on the website, The Sun knows this because they got unfettered access to the computer and its data. So, how did the laptop get lost? A captain (as in the military rank, not the sailor) went for a bender at a pub and left it beneath a table. This is on top of the clear violation of last month?s rule strictly forbidding unencrypted machines from leaving government offices, implemented quite belatedly, I might add. The Sun has labeled this as the latest embarrassment for... More About: Information , Laptop , Army , Secret , Left
Yet Another Unencrypted Laptop Computer Stolen From A Car: Cross Country He
2008-02-12 07:26:00 Three different healthcare staffing companies doing business under the umbrella of Cross Country Staffing has alerted the Attorney General in New Hampshire about a possible information security breach. A laptop computer containing the information of some Cross Country employees?including their names, Social Security numbers, and addresses?was stolen from an employee?s car. The letter to the AG reports that approximately 45 New Hampshire residents were affected. If history is any indication, the actual numbers of employees affected is going to be much higher than this, since Cross Country is reporting numbers related to New Hampshire only. If the company letterhead is to be believed, Cross Country has offices in Boca Raton, Boston, St. Louis, Atlanta, Tempe, Nashville, Raleigh/Durham, Chicago, Phoenix, and Seattle. That?s all over the United States?something tells me more (a whole lot more) than 45 people were affected by this particular incident. ... More About: Laptop , Computer , Stolen
No Laptop Encryption: Memorial Hospital Loses Laptop Containing Eensitive E
2008-02-10 21:13:00 Missing information at one of South Bend?s largest employers could put thousands at risk. Memorial Hospital has notified employees that a laptop containing personal information is missing. An employee lost the laptop while traveling in November. This week employees received a letter warning them that the missing computer contains their names, addresses, birth dates, ID numbers and social security numbers. ?The laptop she had was not encrypted. We were in the process of doing that for all our laptops, which we'll have done now probably in the next week or so,? said Dr. George Soper, vice president of Human Resources at Memorial Hospital. ?This is an unfortunate situation and something you can never take lightly.? Soper says the employee had carried the laptop on an American Airlines flight, but the flight attendant took it away because there wasn't any room to store it where she was sitting. Memorial waited to inform employees until investigations by both American Airlines an... More About: Encryption , Laptop
Data Breaches CAN Be Prevented: Full Hard Disk Encryption Is Key to Fixing
More articles from this author:2008-02-08 21:34:00 The costs as well as the volume of ID thefts continue to rise. Estimated business losses per victim increased by about $7,500 from 2003 to 2004, from $41,717 to $49,254, according to the Identity Theft Resource Center. Reported costs per record were $197 last year, according to the Ponemon Institute's third annual study.As the number of identity theft victims continues to mount, so has the amount of data and information related to such events -- and the time and resources devoted to better understanding, analyzing and devising measures that can better prevent such occurrences."The stakes are already quite high when it comes to data loss: According to Gartner and the Ponemon Institute, the loss of a single record -- not financial fraud -- is around (US)$197. If you take the extremely conservative estimate from the same research that said that in 2007, 127 million records were lost, you get around $25 billion in direct losses," noted Uriel Maimon, senior researcher for s... More About: Encryption , Disk , Data , Hard , Hard Disk 1, 2, 3, 4, 5, 6 |
|
 |
|
 |
