You are currently browsing the Data At Rest Encryption Solutions weblog archives for December, 2009.
14. December 2009 by Bryan Glancey.
Amidst all the holiday cheer, running form one office Holiday Party to Another and then to the kids Holiday Party.. Data Loss is continuing its regular rise. I found an interesting source of Data Breach news this week, http://datalossdb.org/ , interesting in that it denotes the source of the loss of data.
From now on, whenever I get into the once a week argument with someone that thinks that know about security I’ll point out this site. I always the one saying that Data Loss from lost / stolen / copied devices and media is 100 times more then network based intrusion - then someone starts relating to me their recollection of Wargames 20 years ago and transfers it into fact. Funny part about it is that most CIOs spend their money that way, also.
Find any company that has comprehensive Data-at-Rest implementations? Good luck looking, because you will find very few.. You’ll even find people telling You that Microsoft Bitlocker Drive encryption is secure despite the readily available tools to defeat it (take a look at www.lostpassword.com ) .
So, the truth is that no one’s data without a data-at-rest encrpytion plan is secure; and no one has a good comprehensive data-at-rest implementation. SO, net-net people can have whatever data they want on any individual because companies refuse to protect it. All the Billions that CIOs and CSOs waste on the newest network security tool doesn’t protect their data even one little bit.
Data-at-Rest is the ignored weakest link of any corporations information security policy - and anyone can breach any company they want, any time they want simply by picking up a laptop or USB key with data on it. Let’s see your Millions of dollars of IT security expenditures prevent it.
Posted in Uncategorized | Print | 1 Comment »