Yet another tale about a stolen laptop containing private data. Read all about it here: http://www.theregister.co.uk/2007/03/28/hospital_laptop_theft/.
The healthcare authority concerned say they are “very very sorry” (http://news.bbc.co.uk/1/hi/england/nottinghamshire/6498067.stm). I’m sure they are. Here’s a quick fix: for £3.95 you can buy a simple lock. Probably wont deter a targeted crime but should put off the opportunist thief.
My question is: why on earth wasn’t the private data stored on that laptop encrypted? Data security is a fundamental – we need to know the value and location of our most valuable data assets and ensure that they are given proper protection. And it’s not as if we’re not warned because every week there’s another article about another hapless organisation bleeding data through it’s own carelessness.
Here’s some further reading for you:
Article on security awareness from SC Magazine: http://scmagazine.com/us/news/article/634722/train-employees-best-defense-security-awareness/
A blog talking about security awareness with an interesting response: https://www.computerworld.com/blogs/node/4175
Information about the Security Awareness Special Interest Group (SASIG): http://www.thesecurityco.com/kzscripts/default.asp?cid=13