Surprised by these figures? I doubt it! If you’re an IT manager you’d have been there. In-fact you’re users have probably lost more laptops than you can remember? Surveys show that any large organisation lose between 3-5% of their laptops every year. Relaying laptop theft stories in the local pub is almost as common-place as people boasting how much their houses have shot-up in price over the last two years. However, with an increasingly mobile workforce, often using privately bought mobile devices, the board and IT departments have to take greater notice of who is carrying what around with them and take a rain check of the damage that could be caused if this information was lost and broadcast to the outside world. It is often fine when company information just resides on PCs and servers in an office as the IT departments have far greater control over the information and what is being sent out. Now the same information is being carried out of the office, left in bars or restaurants, at the back of taxis or trains and most commonly forgotten in airports, the IT manager has a nightmare job on his/her hands.
Insuring against hardware theft is rapidly becoming pointless and expensive and few companies bother to take out policies because the premiums are now so high. Plus, companies are now realising that the true cost of a stolen item of hardware is not the device itself, but the information it contains. No company are without laptops, PDAs or smart phones these days, so if you want to make sure your company does not become another statistic or victim of data theft here are a few golden rules you may want to follow.
Golden Rule Number One:
You must have a mobile Use policy or ensure that your corporate IT security policy has specific provision for mobile devices and you update it whenever you adopt new hardware categories such as combined PDA/phones. The information that needs to be protected is the same, it is just different ways of storage it.
Golden Rule Number Two:
Take the responsibility of IT security away from the end-user and centrally manage and deploy it. Work on the premise that no-one can be trusted to safeguard their device. Wake up to the fact that they are just not interested in security.
Golden Rule Number Three:
Invest in a solution which is usable and flexible. Easy access and transparent encryption that does not slow down a user’s device is now available on the market – they’ll go to whatever measures to disable the device or buy their own if security gets in their way.