Vulnerabilities / Threats
12/2/2010
03:50 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Lost Laptops Cost Billions

An Intel-sponsored study finds that organizations fail to grasp the risk of lost laptops.

The study happens to note that while 46% of laptops were reported to contain sensitive data, only 30% of them had disc-based encryption, only 29% had been imaged for backup, and only 10% had anti-theft features.

Intel was also present as an example of what can be achieved through best practices. Intel chief information security officer Malcom Harkins revealed that Intel, out of 87,000 laptops, only loses about 700 per year. That's five to ten times less than the average loss rate at the companies surveyed.

Harkins said that as Intel shifted its focus toward mobility in the late '90s, the company made a concerted effort to build business processes that fostered security and encouraged employees to take responsibility for safeguarding their laptops. He added that Intel tries to be fairly permissive about allowing employees to store personal information on their laptops, which he said encourages a sense of ownership and responsibility. Acknowledging that some information security professionals see the mingling of personal and professional data as a risk, he said, "I think it helps more than it hurts."

Harkins added that one problem in dealing with the issue is that security teams tend to want to keep quiet about lost laptops and lost data. He said he understood that impulse but insisted that being open can help people recognize the risk of losing laptops.

"The biggest vulnerability we all face today is misperceiving risk," he said.

Kevin Beaver, an independent security consultant and expert witness with Principle Logic, offered an example of this misperception. He observed that companies spend significant sums to protect themselves from SQL injection attacks but fail to invest in laptop tracking or remote data wiping capabilities.

"Laptops are always the greatest risk in any given security assessment, more so even than smartphones," he said, noting that laptops simply have more data on them.

According to the study, the places where laptops are most likely to be lost break down as follows: off-site locations (43%), while traveling (33%), and inside the workplace (12%). And 12% of the time the location of the loss is unknown.

Laptops are stolen most often when people travel with them. Ponemon observed that security checkpoints are the place where laptops are most frequently lost. Diluting the irony, he added that security checkpoints are also where travelers recover lost laptops most often.

To underscore the need for organizations to manage laptops carefully, Ponemon recounted interviewing one woman at a company who had lost 11 laptops in two years.

"She claimed she wasn't really that careful with laptops because the only way she could get a better one was to lose it," he said.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0640
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

CVE-2014-0641
Published: 2014-08-20
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2014-2505
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

CVE-2014-2511
Published: 2014-08-20
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

CVE-2014-2515
Published: 2014-08-20
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.