Laptop precautions: Do companies care?

Over the past few months there has been an unremitting drumbeat of news stories about vast amounts of data being lost when corporate laptops are stolen. In almost all these cases, the data on the laptop was not encrypted, but that is not the real problem.

The latest example comes from Ernst & Young, which had a laptop stuffed with information about more than 240,000 Hotels.com users stolen. Apparently, this happened a while back, but Ernst & Young did not have the honesty to admit its stupidity publicly until The Register started nosing around.

This is not the only laptop Ernst & Young has let slip through its fingers this year. Earlier, four company laptops were stolen from a conference room while the auditors who were supposed to protect them were off at lunch.

Ernst & Young is hardly alone in its zeal to expose others’ confidential information, then not fess up. There is the marvy case of the Department of Veterans Affairs employee who for years had been taking home disks full of Social Security numbers and other information on veterans (26 million, as it turned out). It took the department weeks to break the news when the data finally was stolen.

These cases are stupid. Doesn’t anyone at these companies read the stories in the papers about the problem of stolen laptops? The problem is best described by Ernst & Young on its Web page on information security: “However, organizations are missing the rare investment opportunities that compliance offers to promote information security as an integral part of their business.” Ernst & Young seems to be a perfect example of what it was talking about.

The problem isn’t that these laptops were not using encryption. The real problem is having Social Security and credit card numbers on laptops.

I see no possible reason for an auditor such as Ernst & Young to ever have Social Security or credit card numbers on a laptop. In any reasonable society this would be illegal. Disclaimer: Harvard, as far as I know, does not teach abject stupidity, so the above rant is mine, not the university’s.

QuickLink: 069230

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now