Data Encryption Software: Proof That Computer Size Does Not Equal Protection – Server Stolen From MOD.
The Ministry of Defence in the UK has admitted to having a computer server stolen from a secured government building. It also has reported the loss of personal data for 1.7 million people when a portable hard disk was stolen, also from a secure room. It just goes to show that you need a combined, layered approach to data security, such as physical obstacles–like doors and locks–and information security programs, like drive encryption software from AlertBoot.
Server Goes Missing
According to the “Annual Report and Accounts,” the MOD discovered that a server was missing after a government building was closed. The breach took place in September 2008, and the lost data includes names, addresses, (military?) service numbers or National Insurance numbers, and medical records for 700 people.
Whenever laptop computers go missing, a number of the on-line community remark that sensitive data shouldn’t be on laptops. Instead, they state, it should be on servers that are under key and lock, and are guarded.
A computer server under the aegis of the MOD would fit the bill exactly, and yet, we see that this does not quite guarantee data security. And why would it? Plenty of stuff gets stolen or goes missing from locked rooms, including items that are physically big. Being under lock–while always recommended–is not a guarantee of security. And what about servers?
Servers != Security
A lot of people seem to think that a server has some kind of magical property that will prevent it from becoming stolen. I’m not sure why people think this way. Let us remember, any computer can act as a server, including laptops (if I’m not mistaken, I’ve heard people refer to such laptops as “California servers” during the height of the first internet boom).
And even if something other than a laptop is used as a server, it doesn’t mean it can’t get stolen. My own experience shows me that servers are not particularly heavy or cumbersome, at least not enough to dissuade me from stealing one if I really wanted to. Stealing cinder blocks, 15 years ago, for my dorm room’s bookcase was probably harder.
Storing data on servers is meaningless. Granted, one generally doesn’t carry around their servers on their way to business meetings, and thus data breach incident rates would be lower. However, this just proves that security stems–not from storing information on a “server,” whatever that means–but from not carrying sensitive data around.
And if you do have to carry it around? How about employing encryption software so that your information security won’t be breached if something untoward occurs?
Full disk encryption software for computers and portable drive, or document protection software like file encryption would ensure that sensitive data remain uncompromised in the event of theft. In fact, it may be a good idea if you don’t carry the data around, but can’t trust the security of your workplace.
Related Articles and Sites: