Data theft – Published Tuesday December 22, 2009
Editor: This letter is in response to the laptop data theft story in Saturday’s paper (R-J, 12/19).
In 2007, a laptop was stolen from the front seat of a car belonging to an employee of the Department of Revenue Services which included the records of about 106,000 taxpayers including names, addresses and Social Security numbers.
So how is the issue with the laptop or technology itself?
Why was someone carrying around the information of 106,000 taxpayers to begin with?
There is no way in the regular course of one individual’s job that they needed to carry around that much information with them on daily basis. I blame the end user for doing it and the administrator of the data for allowing that type of access.
Irresponsible users and administrators cause almost all data breaches of this sort where someone can lift up a computing device and walk away with it.
The encrypting file system of today’s operating systems used in concert with the total drive encryption found in the BitLocker application prevents data recovery on stolen devices when the security measures are mandatorily used.
This can be enforced on portable devices using computer generated policies that are set by an administrator and cannot be altered by the end user.
I will encrypt a flash drive with EFS and BitLocker; I challenge anyone to hack the device and recover data from it.
When a thief steals a laptop secured with encryption all they can do is re-install the operating system and use or sell it – they will not get their hands on the data.
JASON ZANDRI, WALLINGFORD