in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Full Disk Encryption Can’t Be Trumped By Cardboard Boxes

An administrative office handling the details of patients at Staten Island University Hospital, in New York, has lost a computer with information on 88,000 patients.  Surprisingly, the theft happened four months ago, but is only being announced today.  What’s also surprising is that the suspect was able to snag the computer—no word on whether it was a laptop (not that it would matter)—with the help of a cardboard box: he popped the computer into the box and strolled out the door.

 

I’m inclined to believe that the computer was a desktop just because the box was used—and another prime example why the medium doesn’t matter.  That is, people raise the issue of sensitive data being stored on laptop computers, but this is really a non‑issue, as I keep pointing out.  If thieves have proven anything, it’s that anything can be stolen, and quite easily to boot.  But the physical theft of computers is not what’s at stake for most companies.  Nope.  Rather, it’s the knowledge that the data residing in those computers may be used in illegal ways.

 

This is why I keep stressing the need for hard drive encryption products like AlertBoot: it’s been proven that well‑developed encryption algorithms are very hard to crack (and, as testament to that, there’s only a handful of them, like RSA and AES).  You’d essentially need the help of a major powerhouse like the NSA to gain access to information on a computer whose contents are protected with full disk encryption.  With full disk encryption, it wouldn’t matter whether sensitive data, like the stolen patient information above were lost or stolen.

 

This is something that the administrative office should keep in mind.  According to their press release, they’re looking into ways to “reduce the possibility of computer theft in the future” due to this incident.  Looking for ways to decrease physical theft is always a welcome prospect.  Companies like Wal-Mart, for example, invest a lot of money to reduce “shrinkage” as much as possible.  Plus, since the hospital knows that there is a flaw in their security procedures, they should definitely patch it up (the fact alone that some guy could carry a computer out from the premises probably indicates that the hospital wasn’t up to snuff with HIPAA specs.  Computers are pretty much required to be bolted down or locked in a room somewhere.)

 

However, concentrating on physical security alone would be missing the point.  The digital era gives criminals new ways to carry out data security breaches; it also gives us new methods for ensuring data security as well.  It would be a fallacy not to use these new methods in order to lower the instances of data breaches overall.  Even if a traditional method was used to cause the data breach in question.

 
<Previous Next>

Hard Drive Encryption To The Rescue: UK Making Data Loss Illegal

Hard Drive Encryption A Needed Solution In Light Of BP Internal Memo

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.