Full Disk Encryption Is Better When Used Expeditiously

Two banks end up using hard drive encryption to secure data, but their approaches are different. So are their successes with the technology.

Bank of Ireland customers, nearly 10,000 of them, have had their information stolen. Between June and October of last year, four laptops were stolen from the bank’s life assurance division. The information breach included data on personal pension plan details, dates of birth, addresses, and bank account details. Whole disk encryption solutions like AlertBoot were not installed on the stolen laptops.

However, the bank must have realized at some point that full disk encryption is a convenient way of securing the data on their computers: the bank is in the process of encrypting all 5000 of them, which will take about two weeks.

This certainly pales in comparison to how the other type of bank in Ireland handled a similar situation earlier this year. In February, an Irish blood bank reported that almost 175,000 people could have been affected by the theft of a laptop (actually, a mugging). But, chances are they weren’t and won’t be because the contents of the laptop in question were encrypted. Plus, the CD that went from Ireland all the way to New York with the data in question was encrypted as well (a stark contrast to how the UK government approaches things). The blood bank made sure that information was protected at every stage of the process.

What prompts certain companies that deal with sensitive data to do everything possible to decrease the probability of a data breach? And why do others dillydally? After all, sensitive data remains sensitive no matter who’s holding it. Plus, there is no guarantee that thieves, muggers, conmen, and other scum of the earth will place some kind of moratorium on stealing your digital assets as you try to figure out what to do—meaning, you don’t know when some guy’s gonna hit the back of your head and steal your stuff.

So, why wait? For example, why did the bank above wait nearly one year after the first instance of a data breach? It’s not as if encryption technologies have suddenly gotten tremendously better or cheaper; I’m pretty certain that last year’s offerings remain unchanged this year.

In fact, if shopping for a data protection solution this year, one may face more difficulties: There is now so much interest in data security that companies that have nothing to do with the security business are getting in on the act. Case in point: A couple of months ago, an external hard drive manufacturer debuted a hard drive with built-in encryption (RSA, if I recollect correctly). However, it turns out that RSA, one of the handful of encryption algorithms that are virtually impossible to crack, was relegated to a secondary function. What was really "protecting" the contents of the hard drive was an encryption algorithm developed in-house that was easily broken. Although there is no way to verify it, my guess is they used that approach to save themselves some licensing fees. I imagine more people will try to enter the market, offering security products and concepts that are untested.

Encryption is one of those things that are better when used promptly. The sooner you encrypt your data, the sooner it can begin to protect it.
Data Guard Systems

By Tim Maliyil
Published: 5/27/2008
 