in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Cost Of A Medical Data Breach: $7 Million And Counting At BCBS Tennessee

BlueCross BlueShield of Tennessee has spent more than $7 million cleaning up after a data breach they had announced in October 2009.  I'd say there was a good chance that all of this could have been averted with the use of hard drive encryption.

57 Hard Drives Stolen

In October of last year, BCBS of TN announced the theft of hard drives from a training facility.  Initially, reports had mentioned that 68 drives had been stolen, but more recent stories are reporting that it was actually 57 drives.

Overall, it was a highly frustrating story to keep track of.  Aside from the above, it was at times reported that personal information was unlikely to exist in the stolen drives.  Then, BCBS did an about-face, saying that personal information was stored on the devices.

Also, initial reports noted that encryption software was used on the hard drives.  About two months later, it turned out that encryption was not used; the data was encoded.  Whatever that means.

I'm not sure how much we can blame BCBS on these reversals in details, though.  On-line news has become so trigger-happy that sometimes the blame lies on the messenger.

700 People Working On Identifying Content

Why is it costing BCBS so much money?  Especially when you consider they aren't even done with their investigation?  I imagine a sizable portion is due to the free credit-monitoring service that was offered to those affected.  Of the 220,000 people that were notified, 20,500 have already signed up for the service.

It also turns out that they've got 700 people working on identifying what and who was breached.  Why 700 people?  The information included video and audio files.  I assume that, since there is no reliable way of extracting information from such files, people have to play the files one by one and note whether names, SSNs, and other personal information is found within them.

Like I've noted, the use of disk encryption would have prevented the need for expending so much money and manpower and time (recently passed HITECH laws give safe harbor when encryption is used to protect data controlled by HIPAA-covered entities, if I'm not wrong).

On the other hand, an alternative and better method may have been destroying any data that was not necessary anymore, operational or legal-wise.


Related Articles and Sites:
http://alertboot.com/blog/blogs/endpoint_security/archive/2009/10/06/data-encryption-software-on-68-missing-blue-cross-blue-shield-hard-drives.aspx
http://www.ihealthbeat.org/articles/2010/1/26/tab-for-response-to-data-breach-hits-7m-for-bcbs-of-tennessee.aspx

 
<Previous Next>

Laptop Encryption Software: Methodist Hospital Loses Laptop From Premises

Data Encryption Software: Man Grabs Laptop From Woman At A Starbucks

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.