[Dataloss] [follow-up] Boeing fires employee whose laptop wasstolen (fwd)

Nash, Kim Kim_Nash at ziffdavis.com
Fri Dec 15 10:08:20 EST 2006 

That is one aspect of the typical corporate response to data theft that irked me when I was writing about this topic for the latest issue of Baseline. No company can ever really know that data wasn't accessed or that thieves weren't after data, etc. -- a point on which I quoted a forensics expert from Kroll. 

It *is* such a smokescreen. 

-- Kim Nash

Link to the article: http://www.baselinemag.com/article2/0,1540,2069952,00.asp


 

-----Original Message-----
From:	dataloss-bounces at attrition.org on behalf of B.K. DeLong
Sent:	Fri 12/15/2006 8:17 AM
To:	Roy M. Silvernail
Cc:	dataloss at attrition.org
Subject:	Re: [Dataloss] [follow-up] Boeing fires employee whose laptop wasstolen (fwd)

If you look through a lot of the dataloss articles, you'll see many
media spokespersons claiming similarly that password protection is
enough. Might be an interesting stat to track in the database.

On 12/15/06, Roy M. Silvernail <roy at rant-central.com> wrote:
> Gotta love this.  security curmudgeon forwarded:
>
> > Even though the employee data was not encrypted, the laptop was turned
> > off. That means the person who stole the computer would not be able to
> > access the employee data without a password to open the computer once it
> > was turned on.
>
> Wrong.  As I pointed out on my blog
> (http://www.rant-central.com/article.php?story=20060914170634681),
> that's purely a CYA statement with no basis in fact.
>
> How long will these outfits be able to get away with this smokescreen?
> --
> Roy M. Silvernail is roy at rant-central.com, and you're not
> "It's just this little chromium switch, here." - TFT
> CRM114->procmail->/dev/null->bliss
> http://www.rant-central.com
> _______________________________________________
> Dataloss Mailing List (dataloss at attrition.org)
> http://attrition.org/dataloss
> Tracking more than 143 million compromised records in 507 incidents over 6 years.
>
>
>


-- 
B.K. DeLong (K3GRN)
bkdelong at pobox.com
+1.617.797.8471

http://www.wkdelong.org                    Son.
http://www.ianetsec.com                    Work.
http://www.bostonredcross.org             Volunteer.
http://www.carolingia.eastkingdom.org   Service.
http://bkdelong.livejournal.com             Play.


PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5  A62D AF61 15FF 297D 67FE

FOAF:
http://foaf.brain-stream.org
_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/dataloss
Tracking more than 143 million compromised records in 507 incidents over 6 years.






-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20061215/0717e13b/attachment.html

More information about the Dataloss mailing list