81% of U.S. businesses surveyed this year reported that, in
the previous 12 months, at least one of their laptops or other portable
electronic devices had been lost or stolen. U.S. Survey: Confidential Data at Risk,
5 Privacy & Security Law Report 1162 (2006). When a laptop is lost
or stolen, unencrypted data on the computer can easily be accessed.
Even if a user name and password are needed to sign on to the laptop,
the hard drive can be removed in a few seconds and all data on the hard
drive can be copied to another computer or to a storage device in
minutes.
Despite the high risk
sensitive data may be obtained from lost or stolen laptops, many
businesses continue to allow employees to store such information on
laptops and to take the laptops home, on business trips, and on
vacations. Business managers should consider whether their current
laptop security practices are sufficient. If a business' trade secrets,
attorney-client privileged information, customer lists, or financial
information are obtained from a lost or stolen laptop, affected
shareholders, employees, or business partners may argue that the
business failed to take adequate steps to safeguard the data. Avivah
Litan, vice president and analyst at the Gartner Group, said in a
recent interview: "Frankly, there is no excuse anymore not to encrypt
data on laptops and mobile devices. . . . The cost for laptop
encryption is $40 or less per laptop. . . . [T]here is no excuse today.
It is really bordering on negligence." An Interview with Experts on the Cost of Ensuring Data Security,
6 Privacy Advisor 20, 23 (2006). Every company with sensitive data on
mobile devices should consider whether the data should be encrypted.
6:31:52 PM  PermaLink /
|
|
