DataSafe 24/7

Your customer’s mobile data is vulnerable. A laptop is stolen every 53 seconds, according to Symantec and 97 per cent are never recovered. What can you do to protect the data on a laptop so that if it is stolen or goes missing the owner does not fall victim to data theft?

Let’s take the Nationwide building society as an example; in August last year it realised a laptop computer was missing. It had 11,000 customer records on it. Oops. Letters to every customer and egg on its face.

Maybe it was stolen for that customer data, maybe not But Nationwide put the identities of its customers at risk by having inadequate security procedures for the data on its laptop. Assume your customers use laptop computers and take them off-site, and assume again there is data on these laptops that could damage or embarrass your customer’s business if revealed.

Point it out to them. What could it cost them in terms of customer embarrassment and customer identity theft if one of their laptops went missing? Then it would be a good idea to encrypt the data on the laptop. How could you do it? You can encrypt the whole drive or just specific folders. Encrypting the entire laptop drive removes the responsibility from the owner to put sensitive files in the right folder to get encrypted.

But such encryption also uses up lots of CPU cycles to encrypt and decrypt files. Users won’t enjoy having their laptop computer performance slowed down for every file access. If they are carrying sensitive and potentially damaging data on their laptop machine it is probably best not to give them a choice, instead forcing an encryption policy on them, performance slugging or not.

Data safe Accomplishing the actual encryption can be done by products or services, such as one provided by Iron Mountain. Its DataDefense product encrypts nominated data on a laptop computer and can destroy the data should the laptop get lost or stolen.

US-based Everdream has a similar service. Its software is implemented as an agent on the laptop. When the device is stolen and next connected to the internet the agent software links to Everdream’s control centre and sends it network location information. This can be used to trigger the transmission of software to encrypt or delete files on the stolen device. If a thief copies hard drive data before connecting to the net, however, the subsequent encryption and/or deletion of data is a case of closing the barn door after the horse has gone.

Another way of keeping laptop data safe is to put sensitive data on an externally connected drive which has its contents encrypted. The drive can have a fingerprint reader or equivalent user verification device. Memory Experts International’s Outbacker drive has these capabilities. Encrypted data is kept in a special partition which cannot be seen by users who are not validated to the device.

There is also a quasi-GPS way of tracking notebook computer location and taking file recovery steps if it goes off location. A product and service called MyLaptopGPS tracks lost or stolen laptops and installs software on them that can encrypt and recover files once theft or loss is reported to a control centre. As with Everdream, an internet connection is needed for this. It uses a ‘proprietary internet homing technology’ and means there is no need to have a GPS chip added to the laptop. The publicity material is all a bit hysterical though and doesn’t say how good the claimed

physical location of a stolen laptor is. I’d suspect it’s pretty poor. What about just relying on Windows? XP Professional has a folder encryption capability, but there isn’t additional authorised user identification needed to get ti folder decrypted. It’s fairly poor. Windows Vista is much better; it has BitLocker Drive Encryption which uses a Trusted Platform Module (1PM) and can encrypt an entire volume. But to use it the laptop computer has to have a TPM chip and BIOS supporting it The installed estate of a business’ laptops is not going to be affected by this.

For the next year or two, while businesses continue to use non-Vista laptops, there is an opportunity to provide encryption products or services to your customers to help them protect their mobile data and avoid cost) embarrassing and time-consumer recovery after laptop data theft. Help them to be better protected than Nationwide was.