Security threats are everywhere. Not just your traditional hackers and cybercriminals — I’m talking about the people who work for you. Those who absent-mindedly leave a laptop in an airport or misplace a flash drive are putting your company’s data at risk.
This type of data loss is pretty common, no matter how serious you are about security. Just ask Apple.
Apple Inc.’s next-generation iPhone prototype was reportedly left behind at a bar last month by an Apple software engineer and just recently returned to the company (after a revealing stay with Gizmodo), providing an unprecedented first look at the newest version well before the expected launch date.
A few weeks ago, I interviewed Larry Ponemon, founder and chairman of the Ponemon Institute LLC, a privacy and information management research center, for a story I was writing about data recovery. One of the points Ponemon stressed was paying attention to the chain of custody — the journey your data takes whenever it leaves the organization — because it’s not as closely watched as we may think.
Ponemon said he knows of one company that sent a senior executive’s laptop out for data recovery services and never got it back. “It was lost in the cab on the way back,” he said. “No one questioned the chain of custody.”
So maybe we can’t prevent human error when it comes to lost devices, but we should keep our eyes wide open to the possibility. Keep close track of your company’s devices and mitigate the risks of data loss via encryption.