Do you ever feel uneasy about running into a restaurant or coffee shop, knowing your company-issued computer is sitting on the passenger's seat? Like tens of thousands of others, you have good reason for that uneasy feeling. Laptop thefts account for an alarming percentage of data breaches and subsequent identity theft. What can be done about it when you do not want to lug your laptop around with you everywhere? There are a few options, ranging from the most simple physical security of locking it in your trunk or a more elegant solution of data encryption.
Since human error and sloth linger in the shadowy nightmares of Information Security professionals, the best solution is to remove the human element - adopt encryption technology. This might sound cumbersome, and in some cases it is, but there are products on the market which simplify the encryption process from USBs, to individual folders, to whole hard drive encryption. Entire suites can be purchased for less than $150, so the cost is relatively minimal considering the potential costs associated with the after-effects of a data breach. I do not know one company that would relish the idea of being broadcast on the 5 o'clock news about how an employee had a laptop stolen from a car that contained thousands of client records, including personally identifiable information (PII). Sadly, it happens all the time.
Working with an IT provider, such as TeamLogic IT, you can secure the data of your mobile workforce, including PDAs ad "smart phones." Once the encryption software is setup, it can be as easy as putting in a password at startup to decrypt the entire hard drive. Every client has different needs and concerns, so be sure to know the strengths and weaknesses of your workforce before blindly picking a solution. A good solution will prohibit a user from turning off the annoyance of the added steps inherent to encrypting data.
Many states include "encryption exemptions" into their data breach laws. This means public disclosure of a data breach can be avoided IF the data was encrypted at the time of the breach. What this means to a company is huge - it is the difference between filing an insurance claim to replace the stolen/lost computer and the legal quagmire of notifying clients, partners, and others of a data breach.
If you have any questions regarding encryption, talk with your IT provider. If it is a service they do not offer or have experience in, please contact me and I will assist you.
Comments