The Home Restaurant in Canada has been a victim of a computer data breach. From what I can find on the Internet, the Home Restaurant is a small chain that specializes in providing homemade-like meals in a homey atmosphere. The problem is that such idyllic establishments can’t shelter themselves from the ugly aspects of life. Like a break-in.
According to The Vancouver Sun, a computer was stolen between two and four in the morning this past Wednesday. And according to the RCMP’s report, the stolen computer contained credit card and bank card information.
The fact that the restaurant was broken into is not surprising. Neither is the fact that something got stolen. What is surprising, though, is that a restaurant was keeping an electronic record of customer credit cards. Why would a restaurant need to do this? A phone company, I can see it happening; you’ve got recurring monthly charges. But a restaurant? Most businesses keep the data in redacted form.
In the US, as I understand it, retailers are not authorized to store this data electronically. In fact, if I recollect correctly, certain retailers are currently facing a lawsuit with class action status because they showed too much information on receipts: if a retailer displayed more than four numbers of the credit card that was charged, as well as the expiration date, on a receipt slip, this is deemed “too much info,” with the potential to lead to credit card fraud if someone picks up a discarded receipt. If this type of information is considered illegal (barring an actual judgment to the contrary), imagine the consequences of keeping entire credit card numbers.
If this incident proves anything, it is that small and medium businesses are sitting ducks when it comes to crime in the digital era. The Home Restaurant has a total of five locations. Combine the relatively small size of this particular firm, as compared to a global giant like McDonald’s, and the slim margins of the industry, and it’s not a wild guess to assume that they can’t afford a dedicated IT staff or lawyer. Their lawyer would have, hopefully, pointed out that what they were doing with the credit card numbers was potentially illegal. The IT staff could have come up with certain solutions to ensure that the effects of a disaster are mitigated.
For example, knowing that credit card numbers were being stored, they could have set up the computers in the restaurant with a full disk encryption solution like AlertBoot. While it may take a lawyer or someone in the credit card industry to point out the legality of what the Home Restaurant was doing, it doesn’t take too much grey matter to realize the potential mischief if a computer gets stolen under such circumstances, and a good computer guru would have realized the importance of a solid hard drive encryption strategy.