Howard Wright and others have asked me about the possibility of alternative solutions to storing confidential data on laptop hard drives. It’s a good question. We can’t eliminate losses and thefts so it makes sense to explore innovative ways of securing the data, especially if they offer other business benefits, such as lower costs or greater agility.
Of course the preferred solution is encryption of hard drives. That’s now mandatory. But you shouldn’t attempt it until you have a bulletproof key management system in place. And you can’t install a PKI overnight. It requires planning, specialist advice, new policies and operational processes. So how about the use of thin client devices, perhaps supplemented by USB devices? It could be a quick practical fix.
There are quite a few thin client laptops emerging. Major vendors such as HP have introduced new models, and there are outlets such as Thin Client that specialize in the sale of thin client devices. With limited storage options, they don’t meet every need but are ideal for mobile devices predominantly used in wireless equipped locations. USB devices can be used to store data and applications to enable off-line working but then you’re back to the original problem of encrypting data or losing data on stolen or lost devices.
Well not quite. USB devices hold less data than hard drives (though they’re getter bigger) and they’re much smaller, presenting a different risk profile. They’re likely to be carried around a lot more and they’re easier to mislay. But they’ll attract less theft and are unlikely to be left behind in vulnerable locations such as hotel rooms, unattended offices and car boots. They’re also less likely to be reported missing. So you might suffer unreported business damage but at least you won’t attract any embarrassing publicity.