Security Management Strategies for the CIOAccess "Use full disk or file/folder encryption for laptop data security"
This article is part of the June 2010 issue of Finding affordable encryption options for laptop data security
According to the nonprofit Identity Theft Resource Center, staggering numbers of sensitive data records were breached in 2009, continuing a trend occurring since 2005. Approximately 498 distinct breaches took place with at least 222 million sensitive records lost or stolen. Roughly two-thirds of the breaches were explained, and of these, 27.5 percent were due to lost laptops and other incidents where data was "on the move," or accidental exposure. Regardless of how the breach occurred, only six of the 498 had encryption or other security controls in place. With vast numbers of records being lost or stolen, particularly from mobile systems, more organizations should be using endpoint security controls such as laptop encryption. In addition to the potential loss of customer confidence, litigation concerns, and general "bad press" that come with a public data breach, many organizations need to adhere to multiple compliance and privacy mandates at state, federal, and industry levels. Although few compliance requirements actually mandate the use of laptop ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Cloud computing risks and how to manage them
by Tim Mather
Cloud computing alters enterprise risk. Here's what you need to know in order to safely navigate the cloud.
-
Use full disk or file/folder encryption for laptop data security
by Dave Shackleford
Learn about the options for protecting laptop data, including full disk encryption and file/folder encryption, and their associated deployment and management challenges.
-
Cloud computing risks and how to manage them
by Tim Mather
-
-
Symantec acquisitions cement encryption-as-a-feature
Symantec acquisitions of PGP and Guardian Edge future ensures that encryption is becoming less of a standalone security tool.
-
Demystifying governance, risk and compliance
by David Schneier
GRC aims to bring together disparate compliance efforts in the enterprise, but the concept has been stymied by a lack of clarity. Developing a GRC program requires three key steps.
-
Symantec acquisitions cement encryption-as-a-feature
-
Columns
-
Don't keep quiet after a data security breach
by Kim Getgen and Kimberly Kiefer Peretti
Organizations who stay silent after a data security breach end up paying a higher price and helping cybercriminals.
-
Weighing the risk of hiring hackers
Bruce Schneier and Marcus Ranum debate the risks associated with hiring hackers.
-
Information security spending shouldn't be driven by compliance
If you're spending more to protect custodial data because of compliance than you are to protect company secrets, you're missing the big picture.
-
Don't keep quiet after a data security breach
by Kim Getgen and Kimberly Kiefer Peretti
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...