If it moves, encrypt it

You’d think after dumping 205 million gallons of crude in the Gulf a company like BP would be a cautious lot. Let’s hope their drilling practices have become much safer than their computer security practices. BP disclosed this week an employee lost a notebook containing the personal and private information on 13,000 individuals who had submitted claims associated with the spill. This would not be a problem if the computer had been encrypted. Unfortunately for BP and the 13,000 victims it was not.

Sadly, this is happening all too often. The Privacy Rights Clearing House reports 29 of the 144 breaches reported so far this year have involved lost or missing portable devices which were not encrypted. Since this is happening so frequently you may think encrypting a drive is an expensive or arduous task. The surprising news here, it’s not. Many commercial programs are available for less than $100 and there’s even a free, open-source choice here.

Ultimately this is simply a good business practice and the kind of thing your clients or patients deserve. Besides, encryption meeting NIST standards offers HIPAA and SEC safe harbors so you can do the right thing and keep the regulators happy at the same time.

Advertisements

About securitysnapshot

Security Snapshot LLC is a computer and information security company helping concerned business owners protect their reputation and their client's private and personal information.
This entry was posted in encryption. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s