in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Army Laptop With Secret Information Left Behind In A Pub: Information Security Requires Something Other Than Deadly Combat Skills

The Sun has come into possession of a military laptop computer with personal details of more than 200 soldiers—including their training, relocations (I think that’s what The Sun meant), and weapons store locations.  Plus, it contained the names of spouses and children, and letters of recommendations and disciplinary issues.  The Sun points out the data was not encrypted, something that can be done easily (and quickly) using AlertBoot, for example.  Based on the snapshot they have on the website, The Sun knows this because they got unfettered access to the computer and its data.

 

So, how did the laptop get lost?  A captain (as in the military rank, not the sailor) went for a bender at a pub and left it beneath a table.  This is on top of the clear violation of last month’s rule strictly forbidding unencrypted machines from leaving government offices, implemented quite belatedly, I might add.  The Sun has labeled this as the latest embarrassment for the Ministry of Defense.

 

Personally, I’d say it’s a little bit more than an embarrassment.  As pointed out in the original article, this is something of a treasure trove for terrorists.  Not only do the names of family members make for identifying targets, the locations of ordnance is, per my experience, actually a closely guarded military secret.  Of course, the level of secrecy varies (say, nuclear weapons vs. bullets), but nevertheless it’s supposed to be secret.  It’s a classic case of security via obfuscation.  And, of course, the vicinity near such weapons caches is guarded—but they try to not make it too obvious that it’s guarded.

 

The main reason for the secrecy is to avoid it from becoming a target, from land or from the air.  In times of war, the first thing to target is the enemy’s weapons.  If a terrorist, you’ve got to get your weapons from somewhere—if you haven’t got the money for the black market, you’ve got to raid and steal.  But in order to raid and steal, you’ve got to know where the weapons are kept in the first place.  Which is why you keep information regarding location secret.

 

And this is probably the main reason why you shouldn’t be lugging around such data, especially if you’re planning on drinking. (Zounds!  Military personnel drinking?  No…)  Of all the different companies and organizations in the world, it’s probably the military that faces the least in terms of problematic personnel behavior.  Seriously, I mean it.  My observation is based on the fact that the military doesn’t have to deal with the usual procedures civilian companies face.  Have a problematic junior officer or recruit?  It’s been known that a quick, light beating helps resolve a lot of problematic behavior.

 

But in spite of this, the military does have problems with personnel behavior; can you imagine how much harder it is to control the wayward behavior of people who cannot be physically beaten up?  Without severe repercussions, that is.  Which is why I find it odd that the UK government hasn’t embarked on a program of securing all mobile and at‑rest data with encryption, or at least done so for the military branches.

 

It’s a shame, really.  Encryption would solve a host of problems, such as preventing data breaches if computers are lost (due to stupidity or otherwise); if computers are stolen; keeping unauthorized eyes out of sensitive material; etc.

 
<Previous Next>

Yet Another Unencrypted Laptop Computer Stolen From A Car: Cross Country Healthcare Staffing In The News

Administrative Systems, Inc. Reports Information Security Breach On 200,000

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.