The Royal Bank of Scotland (RBS) has revealed that a laptop computer owned by the bank, and containing the personal details of approximately 100 bank customers was stolen.  However, they declined to make the incident public because the information held on the laptop encryption software was protecting the contents of that computer.  And the world is not in an uproar about the failure to disclose or the fact that sensitive information was stored on a laptop computer or the fact that someone managed to steal personal information from a bank—a supposedly safe place.  I mean, it has to be.  They’ve got vaults and armed guards.  This incident serves to illustrate several beliefs I’ve been holding for a while now.

Granted, no such data security solution exists.  But when it comes to computers—either desktops or laptops—nothing comes closer to a perfect security solution than full hard disk drive encryption.  That’s because it’s data security that is essentially built into the hard drive itself.  As opposed to locks and safety cables for computers, which are designed to deter the theft of the computers (and not the data in those computers), encryption software like AlertBoot is designed to deter access to the data.

If encryption is good enough for spooks and other intelligence agencies for safeguarding data, it’s good enough for you and me.

Really.  I’ve encountered too many people who shout and shout and shout (and scream) about how data is not supposed to be stored on laptops.  Then you get a scenario like this one where the theft of the laptop becomes a moot point—at least for the people whose sensitive data was on that computer—because the thief has no way to access that data.  No screaming.  No finger pointing.  Just civilized people acting like civilized people.

The loss of digital equipment need not be a gut-churning event, but if and only if adequate data security measures are in place.  That’s why believing that the thieves are not after the data in a stolen laptop (who came up with that brilliant statement?) or assuming that your run-of-the-mill password-protection won’t be bypassed doesn’t work in appeasing people: these are not adequate data security measures, and more importantly, people know they’re not good enough.

There’s something to be said about random events.  For example, let’s say that you find yourself in Harlem, winter of 1981.  The chances of your getting killed by a gunshot are too real.  Drive-by shootings, while random to a degree, are almost expected in that environment and, arguably, are not random.  So, you run to your apartment; you run for your life.  However, there’s a patch of ice on the sidewalk, you slip, break your neck, and die.  There’s just too many unexpected things out there.

I mention this because the man who stole the laptop at RBS actually walked in to the bank, somehow managed to yank the laptop computer from its binding to a desk, and walked out of the bank with the computer during the day (so much for safety cables).  The bank knows this, I assume, because they’ve got the footage.

Who plans for such an event?  Sure, people hire security guards to ensure something like that doesn’t happen.  And, the presence of employees is a strong deterrent so that some guy randomly coming off the street doesn’t steal your office equipment.  And that’s why someone just stealing stuff from your office in broad daylight is exceedingly rare—but then, that’s the exact definition of a highly improbable event, isn’t it?

Problem is, highly improbably events, once they happen, lead to highly probable events.  As in, the guy who stole the laptop (an improbable event, considering how he did it) was probably looking to get some sensitive information (and he probably would have gotten it, had it not been for the use of encryption).  That’s the only conclusion I can reach, since he busted the laptop in order to steal it.  Hot merchandise that’s not in pristine condition is still good for resale on the streets.  Merchandise that is busted?  That has almost no street value.  I mean, have you ever yanked a laptop from its moorings?  The end result is not pretty.  Well, usually it’s not.

Related Articles:

http://www.walesonline.co.uk/news/wales-news/2008/09/07/bank-details-on-stolen-laptop-91466-21694237/