Encryption Seen as Best Security Measure to Safeguard Laptops
by Terri Eyden on
By Frank Byrt
Laptop computers are top targets for thieves, and, as many victims have found, the true cost of their loss is measured not by the price of the hardware and software, but by the proprietary information on board – a gold mine for identity thieves.
Laptop security is particularly important for accountants at tax season. The loss of a laptop containing clients' personal financial data will mean weeks of lost work and missed deadlines and, if an identity theft occurs, the ruin of a reputation and a likely lawsuit.
Whether they're misplaced or stolen, laptops go missing at an alarming rate. Absolute Software sells a range of security products, including Computrace LoJack for Laptops, which can track and lead to the recovery of lost or stolen laptops and mobile devices. According to Absolute, "a laptop is stolen every fifty-three seconds."
"Laptops are like pocketknives and pet hamsters – you just cannot expect long-term relationships," Jay Heiser, a research vice president at the IT research and advisory firm Gartner Inc., told AccountingWEB. "They go missing."
Protect Yourself from Laptop Theft
Following are tips from the Metropolitan Police Department of Washington, DC, for preventing laptop theft:
- Don't leave a laptop in an unlocked vehicle, even if the vehicle is in your driveway or garage. Never leave it in plain sight, even if the vehicle is locked. Cover up the laptop or put it in the trunk. Public parking garages are likely areas for theft.
- Carry your laptop in a nondescript carrying case, briefcase, or bag when moving about. Putting it in a case designed for computers is an immediate alert to thieves that you have a laptop.
- Don't leave a meeting or conference room without your laptop. Take it with you, or you run the risk that it won't be there when you return.
- Lock the laptop in your office during off-hours; better yet, keep it in a locked closet or cabinet. If a closet/cabinet isn't available, use a cable lock that wraps around a desk or chair leg.
- Don't let unaccompanied strangers wander around your workplace.
- Apply distinctive paint markings to make your laptop unique and easily identifiable.
- Never check your laptop as luggage at the airport. Keep an eye on your laptop while going through security checks.
- Don't leave your bag unattended. Many thefts occur in coffee shops, on buses and trains, or in airports.
According to a 2008 study done for Dell by IT security research firm Ponemon Institute, business professionals at that time were losing more than 12,000 laptops in US airports per week, or about 600,000 annually, and 70 percent were never reclaimed. Ponemon also found that 53 percent of those individuals surveyed reported carrying confidential company information on their laptops, but only 65 percent of them had taken steps to protect it.
And a laptop loss is expensive. Another study done by Ponemon for Intel in 2009 found that the average cost of a lost laptop was just under $50,000, taking all factors into consideration, with the potential occurrence of a data breach making up 80 percent of the total loss.
Brad Sargent, CPA, managing member, and forensic accountant and fraud investigator at The Sargent Consulting Group in Mokena, Illinois, said identity theft stemming from laptop theft "has been a real major growth industry for well over a decade." It used to be about what the thief could get for selling the laptop, but not anymore. "Now, it's all about the data and information."
So the loss of a computer containing a client's personal financial information is a potentially serious legal problem for CPAs, lawyers, bankers, and other professionals. They can be held liable for a client's financial loss from identity theft because such a loss can represent a breach of fiduciary duty, Sargent said.
He suggests that professionals who have sensitive data on their laptops buy a full-disk encryption device so that if their laptops go missing, the hardware won't be accessible without the password.
Although some passwords on these types of devices can run up to twenty-six characters and need to be changed regularly, "you have to weigh convenience versus security. It's a pain in the neck [to reenter the password], but it's virtually impossible to crack," Sargent said.
"And even for small practitioners, encryption programs are readily available at a relatively low cost," said Sargent. "For me, it's worth the inconvenience for the peace of mind."
Gartner's Heiser agreed. "Any organization that's worried about the leakage of confidential or private information from laptops should invest in some sort of full-drive encryption mechanism, preferably one that's centrally managed."
You may like these other stories...
Accountants who specialize in forensic and valuation services point to electronic data analysis, or big data, as the most pressing issue they’ll face in the coming months, according to results of a new survey released...
As complex as federal tax can get, at least you're only dealing with one agency: the IRS. But when you get into state and local sales tax, you're coordinating hundreds of jurisdictions that are constantly changing....
All that was needed on Tuesday was a voice vote for the House of Representatives to pass a bill that would prevent state and local governments from taxing access to the Internet.Now the ball is in the Senate’s court....
Upcoming CPE Webinars
We can’t deny a great divide exists between the expectations and workplace needs of Baby Boomers and Millennials. To create thriving organizational performance, we need to shift the way in which we groom future leaders.
In this presentation Excel expert David Ringstrom, CPA revisits the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both boost the integrity of your spreadsheets, but reduce maintenance as well.
In this session Excel expert David Ringstrom helps beginners get up to speed in Microsoft Excel. However, even experienced Excel users will learn some new tricks, particularly when David discusses under-utilized aspects of Excel.
FRF for SMEs Series--Measurement and Disclosure Principles for various Consolidations and Business Combinations, Part 4B
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.