Why Full Disk Encryption Matters: Road Warrior Airport Hazard
Full disk encryption is not the be all, end all when it comes to data security. However, it can be an effective antidote for all the random occurrences in life that can result in a data breach, as can be seen from the following story.
The Computerworld website has a blog called the "Shark Tank." It's a blog where readers send in their IT stories, usually involving an instance where the IT guy is right and the non-IT guy is wrong. Sometimes I will commiserate with the one, sometimes with the other. What I find from reading this particular blog is the extent of random happenstances that can occur, and why in the long run it pays to have hard drive encryption.
For example, the latest entry that I have read involves a road warrior who has returned from a business trip and finds he cannot access his laptop. On top of that, he finds his cell phone has been stolen from his computer bag. He calls the IT guy, who promptly points out that this cannot be the road warrior’s laptop. Turns out, road warrior guy must have grabbed the wrong computer bag—an identical one to his—at the airport, which happened to contain the same exact computer model he was using. Chances are warrior guy wouldn’t have noticed anything awry even if he had to boot up the computer at the airport; he would have just assumed that the laptop was acting up.
When I first heard this story I thought to myself "how funny; what are the chances?" However, when one considers that corporate America gets most of its equipment from a handful of vendors, it wouldn’t be unusual for something like this to happen. I imagine it happens all the time at airport lines, especially when you take your laptop computer out from your bag so it can be scanned by the x-ray machine. Forget picking up the wrong computer bag with the wrong laptop; you could potentially stuff the wrong laptop into the right computer bag or vice versa.
The unfortunate thing about life is that calamities happen—all the time. Some of the incidents, we may look back on them and laugh (and post on blogs for a chuckle). Other incidents will reveal themselves to be disasters and require heads to roll. Whether this happens or whether someone is given a slap on the wrist generally depends on the extent of the resulting damage. This, despite stemming from similarly uncontrollable, unforeseeable, and unexpected incidents.
For example, should the CEO of a financial company resign because a rogue employee put the firm in the hock for $7 billion? Assuming that the CEO had no knowledge of this scam? I can understand why some would argue with an emphatic "yes" while admitting that there’s no realistic way the CEO could have prevented the rogue employee’s actions. How do you oversee thousands of employees, most of whom you’ll never come into contact with?
The answer is you can’t. However, things can be done to mitigate the effects of certain accidents. Regarding the road warrior above, there’s no way anyone would have anticipated that laptop bags would be switched at the airport. However, if the contents are protected using whole disk encryption, then the data residing on that laptop computer is unavailable for outsiders, and the extent of the damage from the accident would be relegated to some lost productivity and the price of the laptop. Well, just productivity, since he still has the same hardware in his possession. Hopefully, data was backed up and the only exasperating aspect of the incident would be copying the lost data to a new computer.
Of course, one cannot claim that his or her company is fully secure just because all the computers in the office have been deployed with disk encryption. Encryption is one facet of the many things that need to be done to protect data in this digital age; however, it is possibly one of the more important steps one can take if the company deals with sensitive data and employs a mobile workforce.
For example, the latest entry that I have read involves a road warrior who has returned from a business trip and finds he cannot access his laptop. On top of that, he finds his cell phone has been stolen from his computer bag. He calls the IT guy, who promptly points out that this cannot be the road warrior’s laptop. Turns out, road warrior guy must have grabbed the wrong computer bag—an identical one to his—at the airport, which happened to contain the same exact computer model he was using. Chances are warrior guy wouldn’t have noticed anything awry even if he had to boot up the computer at the airport; he would have just assumed that the laptop was acting up.
When I first heard this story I thought to myself "how funny; what are the chances?" However, when one considers that corporate America gets most of its equipment from a handful of vendors, it wouldn’t be unusual for something like this to happen. I imagine it happens all the time at airport lines, especially when you take your laptop computer out from your bag so it can be scanned by the x-ray machine. Forget picking up the wrong computer bag with the wrong laptop; you could potentially stuff the wrong laptop into the right computer bag or vice versa.
The unfortunate thing about life is that calamities happen—all the time. Some of the incidents, we may look back on them and laugh (and post on blogs for a chuckle). Other incidents will reveal themselves to be disasters and require heads to roll. Whether this happens or whether someone is given a slap on the wrist generally depends on the extent of the resulting damage. This, despite stemming from similarly uncontrollable, unforeseeable, and unexpected incidents.
For example, should the CEO of a financial company resign because a rogue employee put the firm in the hock for $7 billion? Assuming that the CEO had no knowledge of this scam? I can understand why some would argue with an emphatic "yes" while admitting that there’s no realistic way the CEO could have prevented the rogue employee’s actions. How do you oversee thousands of employees, most of whom you’ll never come into contact with?
The answer is you can’t. However, things can be done to mitigate the effects of certain accidents. Regarding the road warrior above, there’s no way anyone would have anticipated that laptop bags would be switched at the airport. However, if the contents are protected using whole disk encryption, then the data residing on that laptop computer is unavailable for outsiders, and the extent of the damage from the accident would be relegated to some lost productivity and the price of the laptop. Well, just productivity, since he still has the same hardware in his possession. Hopefully, data was backed up and the only exasperating aspect of the incident would be copying the lost data to a new computer.
Of course, one cannot claim that his or her company is fully secure just because all the computers in the office have been deployed with disk encryption. Encryption is one facet of the many things that need to be done to protect data in this digital age; however, it is possibly one of the more important steps one can take if the company deals with sensitive data and employs a mobile workforce.
Use the feedback form below to submit your comments.
Use the form below to email this article to your friends.
- Beginner's Guide to the Internet
- RAR Extractor
- Dual Monitors
- Computers for Seniors, Not as Scary as You Might Think
- There Is a Computer Virtual Machine in Your Personal and Professional Lifes - Part 1
- Computer Skills: Which Ones Your Staff Needs
- To Defrag or Not to Defrag!
- Bookmarks the Spot you Want - IT in your Language
- Ultimate XP Pro PC toTV Converter
- Slow Computer? - Speed it Up.
- PC to TV Converter
- Power of Rich Internet Applications
- File Synchronization Tool - Synchronize Files and Folders Handily
- How To Remove Fakealert Trojan Fast And Safely
- The Theory Of Meaningless Numbers
- A ghost on my computer
- Computer Equipment Dealer - Technology Guideline
- How to Avoid the Pitfalls of a Computer Crash
- Play 4:3 Ppt On 16:9 Screen Without Distortion
- Speech Recognition Software