Re: [privacy] Laptop Stolen From D.C. Home With Personal Data of 13, 000

["Ahmad Elkhatib" <khatib () umich edu>]

As someone mentioned earlier, you cant expect to stop employees from taking
work home, but rather put in the controls to make sure that this is done
safely. Transperant full disk encryption is the solution for this problem.
Wont require the user to do anything (versus manual file encryption), and
you can be assured that if the laptop is lost/stolen no one will ever be
able to access the data on it.

-Ahmad

On 6/19/06, Drsolly <drsollyp () drsolly com> wrote:
> On Mon, 19 Jun 2006 Blanchard_Michael () emc com wrote:
>
> >   Dr. Solly, I agree with each and everything you said below.  SSN was
> never
> > meant to be an ID number, but these days if you have someone's SSN and a
> > couple other pieces of info.... Hmmm, lets hit someone's trash and grab
> a
> > utility bill or two, then "find" their SSN on the web somewhere, ok now
> > let's go to the DMV in some far away town to get a replacement drivers
> > license....  You've now become that person, easy cheesy....
> >
> >   It's not nust the SSN that I'm worried about though.  Personal
> information
> > in general, Credit card numbers, bank account numbers, hell even the
> color
> > of my eyes or hair (yes if you've seen my in person, these two are
> pretty
> > obvious, and I believe I've met just about everyone on this list in
> person
> > at one time or another).  BUT!  It doesn't matter.  It's MY information.
> > Information about ME, no one else.  Information that's supposed to be
> > PRIVATE.  These places don't have the right, IMHO, to allow my
> information
> > to be stored on any laptop and brought home with anyone.  I should be
> able
> > to assume a reasonable amount of security precautions will be taken with
> my
> > data.
>
> Yes, I agree that the info should be kept confidential. I'm saying that,
> in addition, banks and credit companies shouldn't be so gullible as to
> accept ssn as proof of identity.
>
> >   It is very interesting to note that most of this data theft is within
> > the States, at least those that we hear of....  What are you guys doing
> > in the UK that prevents or seriously discourages this type of thing?
>
> We have a three-part approach.
>
> 1) We don't have SSNs, so you can't give them out by accident.
>
> 2) If there is a major loss of data, no-one tells anyone about it, because
> it would only upset the consumers and make them worry about their
> confidential data.
>
> 3) We're planning to introduce "Identity cards", which will cost an
> enormous amount per card, require an enormously expensive computer system
> to administer (which will cost three times as much as the original
> estimate), and which will be about as difficult to forge as a nine bob
> note.
>
> _______________________________________________
> privacy mailing list
> privacy () whitestar linuxbox org
> http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy