« Consolidation or Proliferation? The Future of Security Products | Main | More on Laptop Losses – How many go missing? »

Laptop Thefts Down at the FBI

It’s not often you get to see security incident data from other organisations, so I was interested to read a report published this month about laptop losses and theft at the FBI. This type of data is hard to come by because few organisations (other than Royal Mail Group) maintain reliable, historical data on such security incidents. And even fewer publish such information. It’s good to see that the FBI has successfully reduced laptop losses by around two-thirds, from around a dozen a month to less than four a month. The figures seem consistent with other data I’ve seen. In Royal Mail Group the problem was initially bigger, though the reduction was greater. Such savings represent hundreds of thousands of dollars a year in incident and replacement costs, not to mention the value in reputation protection and safeguarding of valuable intellectual property. And it’s not difficult to reduce the losses. It just requires a small amount of research and analysis, followed by a few simple, targeted, educational interventions. It's certainly one of the easiest and cheapest security investments for any organisation. So let’s all copy this example.

Tags:

Posted by David Lacey on February 19, 2007 9:42 PM |

TrackBack

TrackBack URL for this entry:
http://www.computerweekly.com/cgi-bin/mt/mt-tb.cgi/4457

Comments (1)

Edward P Gibson:

Hi David,
In reply to your post about "Laptop Thefts Down at the FBI", you rightly note that losses/thefts are down, but then your article goes on to compare the FBI stats to those of the Royal Mail. "Apples to Oranges" comparison distort the true picture, but there is no way you could have (or even should have) known. FBI or contractor laptops are usually encrypted, incapable of adccessing the Internet, CD/DVD drive and USB ports blocked, and in many cases mere word processors, due to possible sensitivity of investigations. I suspect laptops at the Royal Mail did not have such functions deactivated and thus posed a greater hazard if lost or stolen. Regardless, even the loss of one laptop could spell disaster for a business, large or small. Encryption and 'additional factor' authentication(s) must be considered by all businesses for it is not a matter of "if", but "when" will that lost laptop contain information none of us would want in the public domain. In this case, an ounce of prevention is worth far more than a pound of cure.

Ed
Edward P Gibson
Chief Security Advisor
Microsoft Ltd UK
EdGibson@microsoft.com

Posted by Edward P Gibson | February 25, 2007 5:38 PM

Posted on February 25, 2007 17:38

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on February 19, 2007 9:42 PM.

The previous post in this blog was Consolidation or Proliferation? The Future of Security Products.

The next post in this blog is More on Laptop Losses – How many go missing? .

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type