This never ending parade of stolen/lost/misplaced laptops/dekstops/servers is out of control. I mean at what point are companies going to start using encryption on mobile devices at the very least? This latest episode on the shame parade involves an independent insurnace broker, CS Stars from Chicago. This time it involves hardware from a “secured facility”. I have worked in the financial, government and military spaces to name a few. And I have seen facilities that were actually secure. I don’t know what CS Stars considers as secure however.
Now, what the particulars of this incident were I can’t say but, this lends itself to a larger problem. When are companies going to start taking a stronger stance on security and incorporating it into the process rather than having it as a bolt-on after the fact? For instance the aforementioned data could have been encrypted but, was it?
“At this time, we have no indication that any of the data stored on the missing hardware has been used inappropriately,†Kachel said. “That doesn’t lessen our desire to do what is right.â€
The company is offering the people identity theft insurance, 12 months to get free credit reports and access to fraud resolution specialists.
Wow, a whole 12 months? That’s so cool, and yes I’d also like to sign up for the extended warranty! If it’s gone there is no guarantee that the data hasn’t been compromised. The chain of custody has been broken and all bets are off. Corporate spin doctors have an unenviable job of dishing out the damage control koolaid. I don’t envy them. No how much lipstick you slap on it, this problem is still a big ugly pig.
[tags]Identity Theft, CS Stars, FBI Investigation, Data Security, Encryption[/tags]