Security is not limited to procedural documents – it requires cultural change.
When was the last time you used a password?
This morning when you logged on most likely.
Now think about the last time you left your laptop unattended.
Probably during this mornings catch-up meeting or during an offsite conference breakout session.
Business travellers in the US and Europe lose a staggering 15,648 laptops per week, according to a study issued Dell. 900 are estimated to be lost each week at Heathrow alone.
Worryingly, the survey by Ponemon Institute found a high number of travellers who took no steps to protect or secure the information contained on their laptops.
British travellers admitted that 59 per cent of them did not take steps to protect the confidential information contained on their laptops, 71 per cent of Spanish travellers. 50 per cent of trusting US travellers said that they left their laptop computers under the watchful eye of a fellow passenger, 42 per cent of UK travellers did the same
We commissioned our own IDC study of SME’s in 2007.
It showed that the cost is not just restricted to replacing the lost laptop, 49 percent of SMEs take two to four days to replace a laptop, causing huge disruption. In fact approximately 17 per cent of the total cost to the business is attributed to lost man hours. On top of this there are not insignificant fines. In 2007 Spanish authorities issued fines following data breaches totalling €19m.
Data loss has been brought to the attention of the general public after high profile governmental losses hit the headlines. In the wake of MoD laptops being stolen the UK Governments Burton Review highlighted the necessity of a change in attitude towards the security of portable devices. This issue is one that organizations have battled with for many years. We invented the K Slot and Kensington Lock in 1992 and more than 10 years later, in 2003, the BBC reported that one in 17 public sector workers said that they had either lost or had their laptop stolen.
Now as laptops have penetrated all areas of the workplace it is clear that organizations are more at risk than ever before.
Policies - Enforcement
In the past valuable data was protected behind the closed doors of the server room and the PC was safely tucked away in the office. Today there is a large mobile workforce armed with mobile devices storing valuable business information.
Organisations can no longer afford to be complacent about the physical security of their laptop computers. We live in an age where barriers are no longer enough to protect your business, intellectual property or brand. If you enforce a cohesive approach to information security – incorporating both physical and network security measures – you will save your business time, money and avoid potentially damaging embarrassment.
Mangers want to minimise the time and energy spent policing their direct reports and focus on the business of the day. That’s why it’s important to make the right investments that will help prevent laptop theft and data loss. Individuals with an appreciation of the risk to which they are exposing themselves and their organisations by not locking their laptop are far more likely to use a lock that has been issued to them. Especially if it’s easy to use. This provides a better return.
People - Cultural shift
All organisations have data protection policies and procedures to protect the security of the data for which they are responsible. Remember that data has been entrusted to an organisation by its customers. Unfortunately, this data is only as secure as the devices on which it is stored and the mindset of it’s owner.
Whilst organisations need to be comfortable with their level of network security they and their employees must recognise that this protection only protects data stored on a network.
Whether data is lost or stolen from the office, at the departure gate or an employee’s home, the consequences are the same. The customer will, quite rightly, hold the organisation to account. By incorporating the use and management of mobile devices into company data management policies and increasing the awareness and appreciation of the impact of data loss amongst their mobile workforce, they can, if not safeguard, certainly take steps towards reducing the risk of theft.
Our message is that the first line of defence is not the password but the lock. The organisations that safeguard their data most effectively are those that do more than simply issuing a lock to their staff. Security is only effective when it’s addressed by management of Technology together with People and Procedures.
George Foot is Sales & Marketing Director Kensington Europe.
Kensington is the world’s number one selling notebook lock manufacturer and inventor of the industry standard K-slot. Kensington’s MicoSaver® DS lock provides optimal levels of of strength and security, it’s MicroSaver® Twin offers the convenience of locking two devices such as a notebook and monitor to each other whilst Kensington’s PocketSaver® is the perfect portable solution.
Previously Director of Northern Europe George leads a team of 60 sales and marketing professionals across 14 different markets. Foot is responsible for setting the vision and strategy for the region, Go-To-Market delivery and sales performance.