Do you have anyone working for you who would forget their head if it wasn’t screwed on?
Even worse, does this person use a company laptop, or store data on a USB memory stick which they carry around with them?
If the wrong person stumbles across a misplaced laptop, it won’t take them very long at all to extract sensitive business data from it. About 4 minutes, in fact.
They’re not even going to try to force their way through your password. They can simply remove the hard drive and read the data on it from another device.
If it’s not a laptop but a USB device which is found, then data can be accessed immediately because most people don’t use passwords to protect files. In 2013, A USB device belonging to the Suffolk County Council was found – it contained notes from the county’s adult and community services department – including very sensitive information on clients.
In 2012, the Greater Manchester Police lost a USB device containing information about witnesses with links to serious criminal investigations. The device was stolen in a burglary. The force was fined £120,000.
A Solution to the Problem of Sensitive Data Stored on Portable Devices
In the cases mentioned above, the implications of data loss would have been far less severe if no-one was able to read the data they had found. This is possible with encryption.
For your business, you should be using device encryption – especially if anyone carries a device around with company information on it. A strong password and even two factor authentication on the login screen won’t be enough, because the drive holding the data can just be removed and read from another device.
Encryption is Part of a Wider Security Strategy
You can’t only rely on encryption to keep data unreadable on lost devices. The encryption will stop someone from being able to read the data by plugging the drive into another device – so they’ll just turn their attention to forcing their way through your login screen instead. This is why it’s vital to use strong passwords and two factor authentication as well as encryption on your devices to ensure the security of data.
Most passwords aren’t strong enough, and can be cracked easily by cyber criminals. Using a strong password is vital, but you also need to add another layer of security with 2 Factor Authentication. This means a unique, time sensitive code needs to also be entered on login – and this is generated on a token or on your phone. Someone would need both your password and your token/app in order to log in.