The fault lies with the contractor that Arapahoe Community College (ACC) hired to manage the student information database. An employee for the contractor lost a USB drive at the Copper Mountain Resort, and now 15,000 ACC students are being notified of a possible data breach. Obviously, the incident could have been averted with the use of full disk encryption solutions like AlertBoot. However, an easier way to prevent the situation from happening in the first place would be not to carry such information around.
I was almost going to note that it’s not a good idea to carry around sensitive information on 15,000 people while on vacation—the loss having happened at a resort—but I’d be assuming the guy was not on assignment. After all, the hospitality industry is huge when it comes to maintaining databases. (On the other hand, if the guy was on vacation…why carry such information? He’s just asking for trouble, especially if such a data device does not feature encryption.) The sensitive data lost in this case includes names, addresses, credit card numbers, and Social Security numbers, according to this article at 9NEWS.com.
As noted on pogowasright.org, someone from the ACC has an entry in the comment section, stating the credit card numbers and SSNs were included for 5,286 students only. Plus, the incident affects “non‑credit students in the Corporate Learning Division in Parker.” The reason why “15,000 records were in the database is because it was a compilation of 11 years.” Most people will probably fixate on the “11 years.” I’d fixate on “database.”
The implication, of course, is that some guy is toting around an entire database of records on a flash drive. And not encrypted, to boot. You may as well say this contractor was hired to mismanage the student information database. I mean, isn’t information security included under the moniker of database management?
Actually, now that I bring that up—assuming this particular contractor was not practicing the basic aspects of database management—I wonder if there were other databases on that flash drive? I mean, are there other companies or organizations affected by this particular USB drive loss? It hardly seems logical that the flash drive had the sensitive records of one client only. Time will tell whether this turns into a Colt Express scenario.
Related Sites:
http://www.pogowasright.org/article.php?story=20080804160738543
http://www.9news.com/