in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

New European Directive Could Boost Full Disk And Other Encryption Products

A new European Commission directive on electronic privacy may include a data breach notification provision.  While it’s still up for debate, all signs seem to point that the data breach legislation will be approved.  While this is not a clarion call for companies to start protecting digital information with the use of data encryption software like AlertBoot encryption solutions, it certainly would raise interest in both such products and the idea of data security overall.

 

Of course, if one’s not aware that data security is a necessity in this day and age, there’s a good chance that they don’t need it: even 60-year old grannies who’ve never touched a computer know about the need for data protection, knowledge gained ever since some *** decided to take out a mortgage via identity fraud.  And, Europe has been rocked by its fair share of data breach scandals, although most of it has been in the UK, it seems.  So, again, if you’re not aware of the need for data security, you probably don’t need it; on the other hand, you’re probably not reading this blog post either…

 

There are some pointing out that this new legislation is “farcical.”  The reason?  Only web service companies, such as ISPs or online retailers, are required to fess up to a data breach.  Incidents like the loss of CDs with huge amounts of data, such the HMRC fiasco in the UK, where nearly half the population of that country was potentially affected, does not require a public confessional.  This means that if one loses a laptop full of sensitive customer details, and the company is, say, a hospital, there’s no need to alert anyone—at least, not from a legal standpoint.  If you’re WebMD facing the same situation, though, you will have to.

 

Is this the right legislation?  I find it lacking, not farcical.  It’s like having separate legislation for murder: if you plan and kill someone with a knife, you get 10 years; kill with a gun and you’ll get life.  If such legislation exists, it doesn’t make sense: why does it matter how one carried out his premeditated crime?

 

Likewise, why confine data breach notifications to only a segment of those who are part of data breaches?  If past history has shown us anything—and I haven’t actually compiled hard numbers, so I’m basing it off my feelings and experience—it’s that you have as many, perhaps more, data breaches that happen offline than online.  I’ve covered more instances of lost and stolen CDs, USB memory sticks, laptop and desktop computers, and external hard drives than I’ve written on online hackers.  And, the biggest data breaches seem to be offline as well: the above-mentioned HMRC.  TJX’s was offline, in the sense that it was credit card data collected (yes, wirelessly) at the retail point of sale, not online point of sale.  The VA computer thefts from last year in the US.

 

Maybe the proposed legislation is a farce in the sense that governments are not pointing fingers at themselves.  After all, each government has access to the biggest depository of data on citizens.  Not everyone shops at TJX; pretty much everyone pays taxes to the government.  Guess whose data breach would be more massive?

  

Related Articles:

http://www.pcpro.co.uk/news/224478/european-companies-forced-to-own-up-to-data-losses.html

http://www.computerweekly.com/blogs/the-data-trust-blog/2008/09/farcical-data-breach-notificat.html

 
<Previous Next>

22,000 At Intuit Subject To Data Breach: Colt Express Computer Theft And Lack Of Data Encryption Aftershock

Laptop Losses To Grow 300% According To Safeware. Time To Consider Hard Disk Encryption?

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.