Disk encryption was probably not used to secure the information stored on two disks that were lost, possibly affecting 3000 seasonal agricultural workers, the Home Office in the UK has announced. The loss occurred this March but was only disclosed on August 8. The use of data protection solutions like AlertBoot would have been useful, to say the least.
In all fairness, the loss of the discs was not perpetrated by the Home Office. According to a spokesperson, an external contractor decided to send the two discs via normal post, when they should have been sent via special delivery. This was against the agreed procedures. The lost discs did have password protection, although I take this to mean that information was not encrypted.
This presumption is further supported by the fact that in June, the Home Office started using an encryption service to secure any data sent via post. Better late than never, I guess. However, what’s even better than “late” is “at the beginning.” That is, start file encryption before disaster strikes, not after.
Perhaps I’m revealing my misanthropic streak here, but why is it that the UK government continues to rely on people to do the right thing? I’m not doubting the intentions of people in general (I have a funny way of expressing it, but I believe most people are good, as are their intentions); it’s just that history has shown, time and time again, that people cannot be relied on to enforce and follow a set policy 100% of the time—so claiming that an accident with serious repercussions occurred because “they did something against the agreed procedures” is, well, irresponsible.
This inability to follow procedures is especially true when it comes to the little things. I mean, who would be more dismissive about following procedures? The guy in charge of handling the sensitive data of 3000 people, or the guy who’s supposed to mail this stuff? Chances are it’s the latter guy.
So, again, relying on that guy for ensuring the security of sensitive data—which involves using the right courier service—is not a good idea. I just hope he’s not in charge of using the encryption service as well.
Related Articles:
http://news.zdnet.co.uk/security/0,1000000189,39460397,00.htm?r=7