Posted by: Ken Harthun
Encryption, Security, Security best practice
Had it not been for an honest Geek, a fellow Geek’s personal data could have been compromised. Here’s the story.
The honest Geek, calling in sick with the flu, was informed that one his sites had lost internet access. After some preliminary troubleshooting by phone, he attempted a remote access session and could not connect. Another phone call to the site to have someone reboot the server and the person reports the server says “Missing operating system.” Oh, oh. Same message after reboot. Oh, no! Makes trip to site (hasn’t been able to take a sick day for real in 15 months because of stuff like this). Walks into server room. Sees orange light glowing at USB port on front of server. Dawns on him that server rebooted over weekend due to updates. Removes thumb drive. Reboots server. All is well.
The thumb drive in question is not encrypted and contains some very sensitive personal information and was left in the slot by a consultant who was working on a telephone system upgrade. The good news is his data is safe.
The honest Geek will return the thumb drive upon receipt of further instructions from the owner who has been notified that his data is safe.
The honest Geek wonders what a fair ransom might have been, but figures that the lesson learned is sufficient. For those who wonder, the lesson is this: Personal information has no business being kept on a thumb drive that carries your Geek Toolkit. It’s simply too easy to forget to remove it when you are working in the field. If you simply must carry personal information with you, make sure the drive is encrypted.
Be careful out there.