State Rep. Frank Dermody, a Pennsylvania state representative, has had his state-issued laptop computer stolen. There was no sensitive data on the computer, according to the Pittsburgh Tribune-Review. This is probably the best type of data security one could have: no sensitive data means no data breach. But, this doesn’t preclude the need for data security software like hard disk encryption from AlertBoot.
Why Encryption And Other Security Software Needs To Be Installed
The problem with computers is that generally one can’t be absolutely sure that there was no sensitive information stored on them. Sure, they start out being used for some “official” purpose, and documents are signed and initialed to establish that a computer user has read and understood an agency’s computer security policies.
But soon enough, the use of that computer devolves to other things as well, especially for laptop computers. Why? Because they are portable, and can be taken outside a workplace; and once they’re out of the workplace…
Maybe the kids will want to surf the net, and the home computer has been sent for repairs, so one turns to the work computer. Or maybe the home computer can’t be trusted, and one knows the workplace computer is better protected and maintained, so that’s used for on-line banking…which actually turns out to be a phishing scam.
So, even though it may not be the case in this particular instance, the use of information security programs like encryption software, antivirus software, and other programs (as needed) should be installed on a computer.
Maybe Encryption Software Was Installed?
In the case of our state representative above, I get the feeling that disk encryption was used on the now-missing laptop. According to the Pittsburgh Tribune-Review, the legislature’s IT department “erased [Rep. Dermody’s] password” when he contacted them about the laptop’s theft.
Which, outside the context of encryption, doesn’t make much sense. For example, let’s say that there was password-protection on that computer. If one gets rid of the password…well, what’s protecting it?
On the other hand, if an encrypted computer’s password is deleted, encryption still protects the contents of that computer. In fact, getting rid of the password is probably the best policy if a computer gets stolen. This way, the only way to gain access to the computer is by figuring out the encryption key, which is harder to randomly guess than a password (well, assuming your IT guy did his job properly).
Related Articles and Sites: