subject: Companies take costly steps to secure laptops
posted: Mon, 24 Jul 2006 23:34:20 +0100


http://www.usatoday.com/tech/news/computersecurity/2006-07-23-laptop-secure_x.htm?POE=click-refer&WT.svl=bestoftheweb2

Companies take costly steps to secure laptops

Posted 7/23/2006 10:52 PM ET
By Jon Swartz, USA TODAY

SAN FRANCISCO - Big U.S. companies are taking tough measures to shore
up laptop security amid a rash of thefts.

The actions of Ernst & Young, Fidelity Investments and other high-
profile victims underscore the balancing act for executives, who must
weigh the costs of additional security and customer privacy with the
financial benefits of a mobile workforce.

"There is a trade-off between the cost of security and how much
security you actually get," says Robert Seliger, CEO of Sentillion, a
data-security company.

About 88 million Americans have been exposed to potential ID theft
since February 2005 as a result of reported data breaches, says the
Privacy Rights Clearinghouse. In at least 43 instances - a fourth of
all reported breaches - stolen or missing laptops were involved. Few
of the laptops have been recovered.

What companies are doing:

o Ernst & Young started encrypting - or scrambling - data on laptops
for its 30,000-person workforce in the USA and Canada after a laptop
with personal information on about 38,000 customers was stolen from
an employee's car in February.

o Fidelity accelerated encryption on thousands of employee laptops.
The mutual fund giant was the victim of a laptop breach in March that
affected data of 196,000 current and former Hewlett-Packard workers.
It also is increasing training on laptop security and protection of
customer data.

o Aetna undertook several preventive measures after a laptop
containing names, addresses and Social Security numbers for 59,000
members was swiped from an employee's car in April. The insurer had
employees re-encrypt and recertify files. Every company PC was
audited to ensure files were properly encrypted. Aetna also tightened
restrictions for storage devices such as thumb drives.

Encryption can be pricey. Gartner estimates a company with 100,000
customer accounts can spend $30 to $40 per laptop on data encryption.
Yet, the cost of a data breach is even higher. Companies with 100,000
customer accounts will spend at least $90 per account if data are
compromised or exposed - not including fines and lawsuits, Gartner
says.

Walking off with a laptop is easy. Few have alarms, and only a few
have encrypted data. People also tend to leave them in unlocked cars
or unattended at airports, says Keith Burt, project director of San
Diego's Computer and Technology Crime High-Tech Team.

As more people store data in a mobile environment, laptops have
become more attractive to identity thieves, says Bob Egner, a
marketing executive at security software maker Pointsec Mobile
Technologies. Personal information sells on the Internet for about $1
per stolen record, Egner says.

---
* Origin: [adminz] tech, security, support -
http://cyberdelix.net/adminz/

generated by msg2page 0.06 on Aug 7, 2006 at 10:37:38

 search: