in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Breach Cost: $7 Million Used In Maricopa Breach Notification

What's kind of cost is involved when you have a data breach that affects nearly 2.4 million people? For starters, you can expect to shell out $7 million like Maricopa County Community College District (MCCCD) did, and then another $7 million to fix things up.  Figures like these provide an excellent impetus on why organizations should use data encryption solutions like AlertBoot.

Data Breach in April, Notification in November

According to azcentral.com, MCCCD waited seven months before notifying over 2 million students and employees that their information was compromised in April of this year.  Seven months were required to figure out the extent of the damages, who to notify, etc.  According to the investigation, it appears that hackers broke into MCCCD's servers; stole personal information; and made it available in the internet underground.

College district employees, as well as current and former students of ten colleges, are being sent a breach notification letter.  The breached data included SSNs, driver's license numbers, bank account information, and grades.

(Based on the above, it seems like a miracle that HIPAA covered entities like hospitals can do the same within 2 months.  But then again, if you've got the right setup – as you should, if you're forced by law, to finalize everything in that period – doing it within 2 months is not a stretch, no matter how many people were affected.)

$7 Million Notification Process

The article also noted that the college district board approved a "$7 million notification process" just last week.  The money will be given to an outside consultant who will be in charge of ensuring that everyone is notified.  The consultant will also be setting up a call center (for people with inquiries regarding the data breach and how to proceed, undoubtedly).  Furthermore, it will also provide for credit monitoring services to those who desire it.

In addition, an extra $7 million is being used to upgrade the security at MCCCD.  It hasn't been mentioned whether all of that is going towards firewalls and other tools for keeping hackers out, or if MCCCD decided to take a more holistic approach.  That is, whether they looked at their current situation and asked themselves, "what if a laptop had been stolen?" or "do we need more shredders?"

Because, let's face it, data breaches can originate from anywhere, be it a data center, a laptop, a USB flashdrive, or a file cabinet full of documents.

Disk Encryption and Smartphone MDM: One of the Easiest Ways to Prevent a Breach

One of the easiest and best ways to cut down on the risk of a data breach is to protect electronic devices that store sensitive data.  Considering that laptops account for at least a third of all data breaches, regardless of the survey taken, it is worthwhile to ensure that they're protected with encryption software.

There is, however, a bigger threat looming in the horizon: smartphones and tablets.  It's not a secret that these devices are replacing laptops as the computing device of choice.  The substitution is also making inroads into the work environment, and sooner than later, I expect these smaller and more portable devices to comprise a larger piece of the data breach pie.

If such devices area already in use at your workplace as part of an approved (or not officially approved) BYOD program, it's already late: you should have an MDM or similar solution in place to ensure that smart devices do not trigger a $7 million fallout.
Related Articles and Sites:
http://www.azcentral.com/community/phoenix/articles/20131127arizona-college-students-data-breach.html
http://www.databreaches.net/maricopa-colleges-waited-7-months-to-notify-2-4-million-students-of-data-breach/

 

 
<Previous Next>

HIPAA Business Associate Full Disk Encryption: Management And Verification

HIPAA Desktop Computer Encryption: PCs Are More Portable Than You Think

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.