ComputerWorld recently reported on the theft of yet another laptop computer that contains vital, sensitive, private information on innocent people. It seems there's no end to these incidents, but the way I see it, this is nothing that the Mission Impossible team couldn't cure.
The CW article notes that the device was actually stolen from a “locked and alarmed premises,” as opposed to the usual tales we hear of people leaving them in the back seats of taxis or just having them lifted while snoozing for a moment in the airport.
With so many laptops being lost or stolen and so much sensitive data at risk, high-level encryption seems the least we should do before we put anything on a device that travels outside our corporate or agency firewalls. Then again, there are always passwords, but as the article points out, passwords are weak security measures at best.
I’m beginning to think that more extreme measures are in order.
I remember hearing several years ago about a technology being tested at some university laboratory that would actually allow the owner of a laptop or other device to remotely blow up the hard disk in the event the device could not be located. It’s a little like that part of the TV show Mission Impossible, where the taped message destroys itself after the lugubrious Mr. Phelps gets the message.
I can’t remember who was working on this technology; maybe some of my readers can help out. Pretty neat, I would say. In any case, it’s time to get that serious about security for portable devices. The alternative would be to ban such devices completely from the corporate infrastructure, yet that could be a hindrance where business needs to be done remotely.
What’s your solution?
Comments (5)
I think a better a solution to corporate and government laptop problem would be an automatic erase. The laptop could ask for a passwork when it is first opened and there would be a certain length of time to enter the password. If the time expires then a countdown could begin asking for a second password. The only purpose for the second password would be to protect the hard drive. However, if the second password is not entered by the end of the time limit then the hard drive is scrubbed. Both of these time periods could be fairly short, say 2 or 3 mintues. That is certainly enough time for anyone to pay attention to the fact that their hard drive is about to be scrubbed and it is a pretty short period for someone to guess the password. Obviously, there would have to be some kind of secure coporate backup system for those who refuse to pay attention, but it should work. This keeps anyone from being injured and the laptop is still usuable.
Posted by Merl Miller | May 4, 2007 9:34 PM
Posted on May 4, 2007 21:34
Rather than blow up the computer, I just use encrypted drives.
I have worked for a couple of years in the work comp industry. I think its crazy that everyone doesnt do this. I have a 2gb Kingston Flash stick transport data and I use a program called Mighty Key to set up encrypted vaults on my laptop.
There is no excuse for anyone to have their files stolen.
Posted by Butch | May 8, 2007 9:45 AM
Posted on May 8, 2007 09:45
You have asked for the exact capabilities of our product "Lost Data Destruction" offered from Beachhead Solutions. This product offers encryption plus destruction of at-risk data after a PC loss or theft.
Ara has rightfully intimated that there are scenarios where encryption alone is ineffective - two immediately come to mind. If the credentials are in any way undermined, encryption does not prevent access to the data. The crook essentially has the keys to the car. Keep in mind that 1 in 3 users writes down their login password and, more often than not, the information is in close proximity (if not affixed) to the pc).
Secondly, what if a disgruntled employee quits or a sales rep goes to work for the competition but still has control of the pc? Encryption by itself offers no protection of that data. Data elimination is a sure fire way to prevent data access and misuse under these scenarios.
Posted by Cam Roberson | May 10, 2007 4:55 PM
Posted on May 10, 2007 16:55
Interesting. Just how is the data destroyed?
Posted by Ara Trembly | May 11, 2007 2:05 PM
Posted on May 11, 2007 14:05
There is another product that will let you remotely change a password, shut down the computer, send a screen blocking message or delete specific or all files.
The product is called Crossing Guard and is available from www.juggernaut-tech.com.
John Carr
Posted by John Carr | May 21, 2007 1:17 PM
Posted on May 21, 2007 13:17