Version: 2008
  • On CBS MoneyWatch: Report: Tiger to Pay Wife $60 Million

Comments on: Laptop theft exposes teachers to ID fraud risk

Stolen laptops contain Social Security numbers and other information on Chicago Public Schools employees.

Add a Comment (Log in or register) (8 Comments)
  • prev
  • 1
  • next
Madness
by danielwsmithee April 9, 2007 3:32 PM PDT
This is madness. It is not that hard to protect data like this. 1) Don't put it on a laptop unless absolutely necessary. 2) Encryption it is not that hard, especially when most current operating systems have it built in FileVault & BitLocker.
Reply to this comment
no excuses anymore
by n3td3v April 9, 2007 4:00 PM PDT
the intelligence services, corporate and educational laptops should have trackers installed on them by default......

there is no excuse now.

i'm not spamming but go here......for an example: absolute.com/
Reply to this comment
The Only Way To Get A Stolen Laptop Recovered...
by Stating April 9, 2007 7:07 PM PDT
It seems like the only way to get a stolen laptop recovered is by having it contain Social Insecurity Numbers. If you or I have our laptop stolen, nobody cares and you will never see it again. If the same laptop causes a massive security breach, it will turn up in 48 hours. Perhaps we could claim that Osama stole a laptop containing 40,000 SSNs. I'll bet we find him fast...
Reply to this comment
Laptop Thefts
by county23 April 10, 2007 6:44 AM PDT
What in the hell is going on with these SHORT SIGHTED people and companies?
Are their IT Departments so short sighted?
The answer is YES!
I work for a Medical Device company who's Sales Reps use laptops and they also USED to keep that kind of info on them, because NOBODY here wanted to deal with it, I tried talking to upper management but it fell on deaf ears until California put in it's privacy laws,
Then they did a band-aid approach to the problem,
3yrs later, and the stolen VA Laptop making the headlines, on of our VP's pulled his head out of the dirt and insisted we do something to protect our laptops from ID-Data theft..
FINALLY! We are now loading PointSec on the laptops, which gives us full disk enryption,
It may not totally fool proof, but it's a start and better than nothing...
Personally, I don't understand why any laptop needs to carry thousands of personal data like that,
I think companies who are this careless with personal information should be held responsible, and not just offer 1 yr of free credit monitoring.
Thats my 2 cents
Reply to this comment
+1
by Dalkorian April 10, 2007 10:14 AM PDT
County23 offered this comment:

"I think companies who are this careless with personal
information should be held responsible, and not just offer 1 yr
of free credit monitoring."

I couldn't agree more. Where did this concept of "1 year of free
credit monitoring" come from anyway? What moron thinks that
this data will be useless in exactly 365 days?

Companies this careless with their data (and yes, this includes
our govenment as well) should be *FORCED* to pay for credit
monitoring to everyone who might be exposed FOR THE REST OF
THE VICTIM'S LIVES!

That might get a companies attention.
Dumb... dumber... dumbest!!!
by wbenton April 10, 2007 7:47 AM PDT
#1. Require mandatory hard disk encryption (not Microsoft's OS encryption).
#2. Require strong BIOS passwords with strong disk encryption unlock password.
#3. Cable ALL PC's not just lap tops to the physical desk so that they CANNOT be removed. (And with #1 above, even if they were to remove the physical disk... it would not be usable in another PC).
#4. Mandatorily require that ALL such data be stored on the server's hard disk and never stored locally. Also ensure that access to the server is severely restricted to those essentially required personnel ONLY.
#5. Ensure Security Policies are modified as required to stay up to date with the latest practices and that everybody is following them as they were written.
#6. Disallow removable media from be inserted in any machine except for specially approved encrypted memory sticks, etc.
#7. Ensure tape backups of the data are encrypted.
#8. Employee somebody who understands and can ensure the rest of company complies with Steps #1-7!

Walt
Reply to this comment
Common sense
by Schratboy April 11, 2007 8:17 AM PDT
All of what you say is prudent but getting execs and users to adopt this policy is impossible. The leadership usually exempt themselves thereby setting a bad precident, thus undermining an effective security culture. At the very least creating an encrypted container for sensitive information should be mandatory on any school system.
These laptops WERE encrypted...
by walleyek April 26, 2007 7:14 PM PDT
Turns out M&P believed the data was encrypted. This spells INSIDE JOB. I agree that "encryption is necessary, but not necessarily sufficent". These machines need to be equipped with kill pill capabilities to whack the data when stolen. How embarrassing for M&P -- especially since they offer a "Data Security" practice. Talk about eating the ironically-flavored dog food!
Reply to this comment
(8 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET