We frequently hear news of a laptop holding sensitive information having been stolen. Bad in itself, but the reports often note that the information was unencrypted. Doubly bad. Certainly, physical security is important — you want to do everything you can to prevent physical access to, or theft of, your computer — but data security is senior. Why? Because the real value lies in the data, not the hardware.
Modern thieves know that if they can get their hands on a computer holding a company’s customer account information — particularly bank or credit card information — they can sell that computer for tens or hundreds of times the value of the hardware. From the thief’s point of view, any laptop sitting on the seat or floor of a decent car or a desktop PC in a middle class home office could belong to someone who has access to valuable information. But, if the data is encrypted, the thief is out of luck.
I’ll cover physical security later. For now, I present Maxim #7:
If you store sensitive information on a PC or laptop, even if it’s only personal information, encrypt the folders or drives where the information is stored and use an unguessable passphrase as the encryption key.
Have a question? It can be about anything from cooking to science, whatever you’re interested in: Click here to Ask the Geek! Kenny “The Geek” Harthun has been playing with geeky stuff since 1965. He’s a Microsoft Certified Systems Engineer with Connective Computing, Inc. and loves to learn about anything and everything.
[tags]security, ask the geek, ken harthun, encryption, physical security[/tags]