If you thought you’d been seeing a lot of stories about companies losing laptops containing personal information, here’s why: more than 80 percent of companies have lost a laptop with “sensitive data” on it in the past year, according to a new survey. The biggest problem, according to the company behind the survey, is that firms don’t keep track of where personal and other sensitive data is kept, which would seem to evoke the old saying that you should never attribute to malice what can be explained by incompetence. The most obvious solution would appear to be for companies to figure out exactly where all this data is living, and come up with some rules limiting employees’ access to it and preventing them from carrying it around unless it’s absolutely necessary. As an added benefit, the mere existence of such a policy, even if it isn’t enforced or soundly written, can be enough to get a company off the hook should it leak personal data — just another way companies are being motivated to really take these things seriously.

Many of these incidents, at least the ones that come to light, aren’t taken seriously because the leaked data never gets used, and many companies take no proactive steps to secure their data, banking on a variation of security via obscurity that’s more like security-via-can’t-be-bothered. But with people advertising the value of leaked data, security policies founded on thieves’ ignorance can’t be effective much longer.

David Dante III says:

Re: Re: sensitive data

I run an online business that sells adult merchandise, mostly apparel and rubber “external organ and limb equivalents”. We have a very effective policy concerning data security. No sensitive data bearing equipment ever physically leaves the office. All information that is transmitted to us over the web is moved (not copied) to an offline system. It’s only connected to the system with internet access once daily. When they are connected, we shut down our router.

I am a sensitive artist says:

Re: Re: Re:2 sensitive data

not fubar, SNAFU!

Hey, you know what? There were wartime cartoons they made for soldiers about an officer Snafu, showing you what NOT to do as a soldier, like keeping your trap shut around ladies of the night, keeping your equipment in good condition, reading manuals, yatta yatta. Why not have Employee Snafu films, warning cubicle dwellers not to put their girlfriend’s phone number where their wife can see it? Maybe an Earth2 fanfic or two, but that’s it.

Kevin says:

Re: Who cares?

I strongly agree that companies should secure their databases in a central location and only allow employees to access the information through VPN (or some other unforeseeable secure connection) if they are away from the office.

Virtual Private Networking is relatively easy. We can even use VPNs for home networking. It works. It’s secure. It can be accessed from anywhere. It requires less hard drive space (all data doesn’t need to be copied to client computers). All personnel would have access to the exact same data at the same time.

You must admit, the future of storage is not on portable devices. Imagine being able to access your personal desktop from any capable computer, PDA, phone, digital tablet, eInk display, or even a wall at some random place.

thenakedwookiee says:

It is very easy to say “All work should be done remotely connected via VPN”… but the realities are much more difficult, your remote employees/offices won’t use solutions that aren’t intuitive and easy to use (almost to the point of being transparent to them). And in a situation where you have to weigh a certain level of risk against staying competitive and making money, I can tell you where managers are going to bet every time. There is no easy fix here for this problem, companies spend years and millions trying to go down the road of total protection and it just isn’t feasible for larger companies to maintain a total lockdown on everything and still allow business to flow. I agree that sensitive data control is a huge problem and it needs to be addressed by the corporations who have the data but also by the software companies who produce enterprise encryption and access software. The market is poor to say the least and the “complete” solutions are anything but. So you get halfway through an implementation and find you have to spend 2-3 times your initial cost to customize the solution and end up with something that is unusable.

mroonie says:

Re: simple solutions for not so simple business...

The point of business is to always do everything in the most effective and efficient way possible. This goes double for larger enterprises. However, just because you are a large enterprise does not mean that there aren’t simple solutions out there for you. Enforcing software that is easy enough for each employee to use makes each employee responsible for the data they take from work to home. Here’s an article of one software that might be worth looking at:

Apparently this software also has an app that can be used to encrypt data on a computer. Only someone who is authorized can then unscramble and access the data….

Sohrab says:

I gotta say, yesterday, we randomly got a phone call. Not showing up on the Caller-ID. They said they were from our Gym (fitness 24) and that something was wrong with our account and they needed our credit card info again to verify it. They knew my name and my mom’s name fully (we both have different last names). I asked them to hold on and they put me on hold and hung up.

I then directly called Fitness 24 and they said they would never do such a thing and that our account is fine.

That is just a basic scam. It’s BS that companies can get away with just losing data like that. Where are the real lawsuits when we need them?

call me crazy says:


I see a few people are on the VPN bandwagon here. Yes, VPN is great for securely connecting to a remote office, but what’s to stop employees from using VPN to connect to the file store then just download the file so they can work on it locally? Once downloaded, the info is out, and unless the user has a pretty good security setup at home or wherever, that info is vulnerable.

VPN is a great tool for security but it’s not the end-all solution. Education coupled with responsible employees is the answer.

Amazing says:

VPN - disconnect

Umm seems like a basic disconnect here, if you truly use a laptop, it’s because you’re remote often. Ever been on a 2 day business trip to the UK? You get more work done on the plane than on the ground… [back in the day…]

What about having to work disconnected guys? That is – NO VPN, no connectivity at all – if it is feasible for all remote workers to be “connected” all the time – then load NO APPS but the basic OS and let all workers remote in – using CITRIX or something equivalent – dumb terminals come to mind… but wait that’s a mainframe term…

MEoip says:

Call Me

Call me when the company suing a company for loss of personal data on a laptop loses a laptop with said personal information. Then I will care only long enough to laugh, but I will care.

I’m guessing the majority of thieves don’t steal a laptop and start looking for personal info. They probably steal and sell; only when their stolen goods are announced to have millions of personal records do they actually think and say, “Darn, I wish I sold that stolen laptop for more than $100 now that I know there were thousands of personal records worth thousands of dollars on it.”

In short, news folk: shut up about it, you possibly cause more harm than good. Company folk: Get my personal data off your laptops! In fact, get my personal data off all of your computers, you don’t need it! If it gets stolen you can bet I’m coming after you.

