Full Disk Encryption: Because Physical Security Can Still Lead To $23000 Worth Of Computers Being Stolen.

The McMicken College of Arts and Sciences (at the University of Cincinnati) had a break-in which saw the theft of 13 computers.  The situation being what it is, the use of hard disk drive encryption like AlertBoot would have been unnecessary.  However, the situation shows us why the use of encryption is desirable over the use of physical security methods.


Lab Not an Impregnable Fortress (But Sounds Like One)



According to newsrecord.org, the computers were stolen from the journalism computer lab.  This lab was “accessible by key and is protected by a secure lock system.”  The computers were secured using “padlocks and cables.”  In other words, there was some pretty standard physical security in place.  An impressive show of force.


It didn’t stop someone from stealing thirteen computers.  Somehow, a man broke into the facilities (without force.  It’s believed he had a key) and used a bolt cutter or some other similar tool to cut through the computer cables.


Of course, the use of encryption software would not have been warranted in this particular case because one assumes, not wrongly, I might add, that computers being used in a semi-public setting by any given number of people usually don’t store information that requires security or confidentiality.


But, this case is suggestive of why computers that do store sensitive information ought to be protected in some manner that ensures data security.  How to do that?  Via the use of data protection tools like disk encryption.


Why Use Encryption Software?



What’s so special about encryption?  A number of things.


First, it goes where the data goes.  It doesn’t matter where a computer with sensitive data happens to be, if the data is there, so is the protection.


Second, good, strong encryption is hard to break.  You can’t do it with $25 worth of hardware and decent upper body strength.  You would need the resources of a governmental agency that’s dedicated to breaking cryptography.  In other words, it probably won’t be some guy in a hoodie that’ll break it; most probably, it’ll be some guy in a suit.


Third, disk encryption is automatic.  Once you set it up, you don’t have to remember to turn it back on.  The default is “on.”  When you type the password to access encrypted data, you’re essentially turning the encryption off at that point.  Turning it off is what you do each time you want to use your computer.


As you can see, there has been a lot of thought given to encryption.  It beats a $10 cable lock any old day.



Related Articles and Sites:
http://www.newsrecord.org/index.php/article/2011/11/mcmicken_computer_lab_looted_23k_lost



Comments (0)


Let us know what you think