Warning: include_once(/home/mobsec/htdocs5/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/style.css.php) [function.include-once]: failed to open stream: Permission denied in /home/mobsec/htdocs5/wp-config.php(1) : eval()'d code on line 1

Warning: include_once() [function.include]: Failed opening '/home/mobsec/htdocs5/wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/style.css.php' for inclusion (include_path='.:/usr/local/lib/php:/usr/local/php5/lib/pear') in /home/mobsec/htdocs5/wp-config.php(1) : eval()'d code on line 1
mobile security » Mobile data and importance of disk encryption

mobile security

news, reviews and going's on in the world of mobile security

Mobile data and importance of disk encryption

Filed under: Identity Security — webmaster at 9:10 am on Friday, November 24, 2006

nationwide.jpgIt seems almost every day new articles appear on new websites relating to the theft or loss of laptops. This week, the UK based Nationwide building society will mail all of their 11m (yes, ELEVEN MILLION) customers to inform them of a laptop which was stolen in August. Why it has taken Nationwide 3 months to mention this hiccup will only serve to further exacerbate customer anger. Trying to cover things up in this way will cost them more dearly than if they were just open and honest in the first place.
Other details Nationwide refuse to disclose include:

  • what customer information was on the laptop
  • where the laptop was stolen from
  • how many customer details were on the laptop
  • why so much sensitive data was there in the 1st place
  • if any encryption was used laptop was using

All in all, this amounts to a huge embarrassing situation for Nationwide. Looking at the big picture, it seems they first tried to sweep the incident under the carpet and that has just made matters worse. Furthermore, failing to answer basic questions about the event and how secure the laptop will surely makes matters worse.

Who does incident handling and damage control at Nationwide?

If they have they don’t appear to be doing a very good job of it. The only useful piece of information that they have disclosed is:

the information did not include any PINs, passwords, account balance information or memorable data.

They go on to say:

since the loss of the laptop we have taken steps to improve our security measures further and provide additional protection to our customers

Could this be a case of shutting the stable door after the horse has bolted? I certainly think so.

The main customer concern here seems to be one of Identity Theft. In the UK, a criminal needs very little information in order to impersonate you. Your name, age, sex and address is all they need in order to start impersonating you. For more information about protecting your identity, see the UK Home Office’s Identity Theft website.

If you wish to read on about other laptops that have been stolen this week, the BBC is reporting another interesting theft of some laptops from some offices used by LogicaCMG that contain payroll information for 50% of the workforce of London’s Metropolitan Police.

No Tags
Powered by Gregarious (41) Google Reader or Homepage Subscribe Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online Subscribe in Rojo gritwire Add to Technorati Favorites!

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

 
Socialized through Gregarious 41