CIO Symmetry

Apr 21 2010   2:58PM GMT

Apple’s lost iPhone a lesson in chain of custody, data loss prevention

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Security threats are everywhere. Not just your traditional hackers and cybercriminals — I’m talking about the people who work for you. Those who absent-mindedly leave a laptop in an airport or misplace a flash drive are putting your company’s data at risk.

This type of data loss is pretty common, no matter how serious you are about security. Just ask Apple.

Apple Inc.’s next-generation iPhone prototype was reportedly left behind at a bar last month by an Apple software engineer and just recently returned to the company (after a revealing stay with Gizmodo), providing an unprecedented first look at the newest version well before the expected launch date.

A few weeks ago, I interviewed Larry Ponemon, founder and chairman of the Ponemon Institute LLC, a privacy and information management research center, for a story I was writing about data recovery. One of the points Ponemon stressed was paying attention to the chain of custody — the journey your data takes whenever it leaves the organization — because it’s not as closely watched as we may think.

Ponemon said he knows of one company that sent a senior executive’s laptop out for data recovery services and never got it back. “It was lost in the cab on the way back,” he said. “No one questioned the chain of custody.”

So maybe we can’t prevent human error when it comes to lost devices, but we should keep our eyes wide open to the possibility. Keep close track of your company’s devices and mitigate the risks of data loss via encryption.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: