Posted: March 22nd, 2008 | Author: robfranklin | Filed under: Business, Mobile, Security | Tags: encryption, it security, notebook security, Security | No Comments »
Yesterday I wrote about encrypting data on your notebook computer when you are carrying data around. Within that posting I mentioned TrueCrypt as a program which can be used for this task so for those of you that are interested in it, I mean who wouldn’t as it’s open source, here’s a brief tutorial. Read the rest of this entry »
Posted: March 21st, 2008 | Author: robfranklin | Filed under: Business, Mobile, Security | Tags: data security, encryption, file encryption, it security, Security | No Comments »
Over here in the UK there has been a lot in the paper recently about the data losses by some of the key government agencies such as HMRC as well as businesses such as Skipton Building Society much of which was not encrypted data. As you will know there has been much public outcry and quite rightly so but do we have any room to talk?
The fact is that almost every business today owns at least 1 notebook computer and typically that will be taken out to meet clients, to work from home etc. On that notebook there will typically be a great deal of data regarding either your own business or possible about your clients data so do you encrypt your data? The answer is almost certainly no, so how on earth can we complain when other organisations do they same. While I understand that these organisations should know better as they have much larger funding budgets to get people onboard that should be telling them this but the fact of the matter is that very few businesses do this themselves. Recent figures show that the public is 80% more cautious with their personal data than before the HMRC data loss which is a positive move for security. You may think that the data on your notebook is of no value to anyone else but lets just assume for one minute that you loose your notebook and you have the following on it:
- On it is the payroll figures as you needed to work on them tonight
- You also have the sales figures for your clients
- Details of a new proposal for a potential client
- Documentation regarding a client(s) site, not including passwords
So what is the value of this to anyone else:
- The payroll data would be invaluable to a headhunter for example. If you had a member of staff who had some very coveted knowledge then they would be able to know where to start with pay offers
- If the payroll figures included home addresses of employees then this would also be of interest to criminals for identity theft.
- Sales figures would be of great interest to your competition as they would be able to ascertain the financial value not only of your own company month in month out but also the value of each of you clients each month.
- Details of a new proposal would again be of interest to your competition as they would then know what you are proposing but more importantly what you are planning to change for this fantastic service. If this proposal is for an IT system this may also be of use to a potential hacker as it may provide information regarding internal systems or security information.
- Documentation regarding a clients site would almost certainly hold value to a potential intruder if it was technology documentation as it would provide valuable insight into what internal systems they had. If it related to equipment such as phones, plant machinery then again it would have value to competitors or companies in that field.
Read the rest of this entry »