Encryption, or the lack thereof, is in the news recently, as a laptop belonging to Stanford University was recently stolen. The problem is that the laptop contained personal information for some 72,000 current and former employees. The data on the laptop was not encrypted, and this incident is only the latest involving unencrypted laptops, including one containing information about managers for AT&T.
Stolen Laptop Teaches Stanford a Lesson on Need for Encryption (Computerworld)
It is not like it is difficult to encrypt data these days. There are plenty of solutions that McAfee will soon add to a centralized encryption suite that will simplify management of encryption. In addition, PGP and Check Point Systems have introduced whole disk encryption for Macintosh computers running OS X 10.4.5 through 10.5. Some companies are moving on the subject; for example, William Hill, of a UK-based betting chain, has announced a full disk encryption initiative for all laptops in his company.
McAfee Centralizes Laptop Encryption (Daily Channel News)
Security Vendors Roll Out Full-Disk Encryption Support for Macs (Computerworld)
William Hill Bets on Laptop Encryption (Techworld)
It really doesn’t matter if the stolen laptops should have had personal information on them, what matters is that in this day and age, encrypting laptop contents should be done on any laptop that could possibily contain confidential information. In my environment, we keep such information stored in a completely separate network that only people who need the data to do their jobs have any level of access to. Has your company begun encrypting the contents of hard drives, particularly laptops?