Sometimes, drive encryption is useful not to thwart super-hackers, but to prevent breaches arising from living our daily lives. Consider this recently released survey: A study has found that 4,500 memory sticks were lost last year at the cleaners in the UK.
Or rather, it was left in the pockets of garments; whether they ultimately disappeared or were returned with the clothes has not been revealed. The good news? Similar incidents were down 50% from the previous year.
It is assumed, though, that this reduction is a result not because people have become more aware of the need for security and changed their behavior. Rather, it probably stems from the change in how people store and access data: the use of smartphones and netbooks and other lightweight devices is spreading, and thus the relative need for a USB disk is declining in proportion.
That’s both good news and bad news.
The bad news is that people will still experience theft or loss of devices, so the move from USB disks to larger, multipurpose devices doesn’t mean the need for data security is diminished in any way. What’s lost on the USB devices’ column will probably be reflected in the netbook and smartphone columns.
Furthermore, I’d guess that people have more sensitive information saved on such devices because these feel “safer,” in the sense people are not going to “forget about them”. The problem is, what people think will happen, and what actually does happen, are two different things.
Consider, for example, the statistic that 600,000 laptops are lost at US airports each year. This is at an airport, where people’s awareness level is raised because stuff routinely gets lost or stolen. In everyday life, I’d assume lower levels of “security awareness”–we’re talking about everyday life, after all–would lead to higher rates of device losses.
The good news? The move towards larger devices should curtail objections towards using data protection tools like encryption software. For example, while not acknowledged, people do have reservations about spending more for security than for the device itself.
For example, if someone gets a 32 GB flash drive (current retail price: $70) but finds that the cost of encrypting it comes to around $50, well, how many people will spring for it? The fact that you’re able to use the encryption tool on as many flash drives as you want is rendered moot because, with 32 GB, how many more USB drives does a guy need?
However, if people are opting to carry around laptops and smartphones that retail for $400 or more, then the psychological block is diminished, and protecting its data becomes viable. (Not that I’m crazy about it; sensitive data ought to be protected, regardless of what type of “container” it’s stored in. However, we’ve got to work with what we have.)
Related Articles and Sites: