East Burke Christian Ministries--a charity operating out of Hildebran, North Carolina since the 1990s--experienced a burglary that has resulted in the data breach of over 1,000 Social Security numbers. An old laptop computer and some petty cash were stolen sometime last week. The burglar broke two doors in order to do so. It doesn't sound like any type of data security software, like drive encryption from AlertBoot, was used to secure the data. And, the charity knows what the implications are. According to wsoctv.com an employee said, regarding the theft of the laptop, that "the problems that this could cause for Christian Ministries and our clients is great, so have a heart — bring it back." Color me cynical, but that computer is not coming back. I mean, the guy broke through two doors to get to it. I'm sure he didn't do so knowing what type of information was on that laptop computer, but he did expend a great deal of energy. Plus, if he was to have a heart, I'm sure he wouldn't have broken into a charity to begin with.
East Burke Christian Ministries--a charity operating out of Hildebran, North Carolina since the 1990s--experienced a burglary that has resulted in the data breach of over 1,000 Social Security numbers. An old laptop computer and some petty cash were stolen sometime last week. The burglar broke two doors in order to do so. It doesn't sound like any type of data security software, like drive encryption from AlertBoot, was used to secure the data.
And, the charity knows what the implications are. According to wsoctv.com an employee said, regarding the theft of the laptop, that "the problems that this could cause for Christian Ministries and our clients is great, so have a heart — bring it back."
Color me cynical, but that computer is not coming back. I mean, the guy broke through two doors to get to it. I'm sure he didn't do so knowing what type of information was on that laptop computer, but he did expend a great deal of energy. Plus, if he was to have a heart, I'm sure he wouldn't have broken into a charity to begin with.
Many out there believe that encryption software is for the big guys: the Fortune 500s; the military; federal government organizations, like the FBI and CIA; etc. However, the truth is that the little guys need encryption, too. Sensitive information--like ID info and credit card numbers--is collected and stored by the big guys as well as by charities and SMBs. It doesn't make sense that the big guys use encryption to protect data while the smaller guys don't. After all, information is information. It doesn't matter who holds it, if it falls into the wrong hands you're going to have problems.
Many out there believe that encryption software is for the big guys: the Fortune 500s; the military; federal government organizations, like the FBI and CIA; etc. However, the truth is that the little guys need encryption, too.
Sensitive information--like ID info and credit card numbers--is collected and stored by the big guys as well as by charities and SMBs. It doesn't make sense that the big guys use encryption to protect data while the smaller guys don't. After all, information is information. It doesn't matter who holds it, if it falls into the wrong hands you're going to have problems.
Small and medium-sized businesses and charities think that encryption is hard to implement and expensive; they'd rather deal with good old physical security. I'd say this is a common misconception regarding data security. It's the big guys that can afford the physical security that often takes the place of data encryption: the security guards; industrial-strength, magnetically-sealed doors; the 24-hour monitoring, etc. The beauty of physical security is that it provides two types of protection: data protection and asset protection. The protection afforded by encryption is data protection only, obviously: encryption can't deter a thief from stealing a computer. When combined with the correct physical security, I tend to think of encryption as backup protection for data in case physical security fails (guys brandishing guns, for example). But, encryption need not be a secondary protection mechanism. It can also be your primary data protection method if you can't afford the right physical security. (Your office door doesn't really count as physical security. Anyone can kick it in and gain access to your office.) For example, how do you provide physical security for your laptop when you're out in the open? You don't because you can't, unless your plan is to have a three-dan black belt carrying the laptop around, handcuffed to his wrist. I'd bet that a pretty expensive solution. Or, you can just encrypt the contents of the computer and protect the data that way. Again, it can't provide you with physical security, but the data will be protected no matter what.
Small and medium-sized businesses and charities think that encryption is hard to implement and expensive; they'd rather deal with good old physical security. I'd say this is a common misconception regarding data security.
It's the big guys that can afford the physical security that often takes the place of data encryption: the security guards; industrial-strength, magnetically-sealed doors; the 24-hour monitoring, etc. The beauty of physical security is that it provides two types of protection: data protection and asset protection.
The protection afforded by encryption is data protection only, obviously: encryption can't deter a thief from stealing a computer.
When combined with the correct physical security, I tend to think of encryption as backup protection for data in case physical security fails (guys brandishing guns, for example).
But, encryption need not be a secondary protection mechanism. It can also be your primary data protection method if you can't afford the right physical security. (Your office door doesn't really count as physical security. Anyone can kick it in and gain access to your office.)
For example, how do you provide physical security for your laptop when you're out in the open? You don't because you can't, unless your plan is to have a three-dan black belt carrying the laptop around, handcuffed to his wrist. I'd bet that a pretty expensive solution.
Or, you can just encrypt the contents of the computer and protect the data that way. Again, it can't provide you with physical security, but the data will be protected no matter what.
Related Articles and Sites:http://www2.morganton.com/content/2009/may/05/stolen-east-burke-christian-ministries-laptop-cont/news/http://www.databreaches.net/?p=3715