Re: (article) "We recovered the laptop!" ... so what?

[Chris Walsh <cwalsh () cwalsh org>]

Not sure if Bitlocker supports encryption of data volumes on  
removable media.  Depending on how your CXOs use machines, this may  
be an important consideration.

OTOH, you can transfer at least some of the risk by purchasing  
insurance which would cover the cost of complying with notice  
requirements.  I would imagine the insurance companies are wise to  
the adverse selection issues here, so you can't blithely ignore  
security, but you may be able to get away with (pardon the word  
choice) less than military-grade encryption on every laptop.

Chubb Group is one underwriter of breach insurance.  There are more  
but that is the only name that comes to mind.

On Feb 13, 2007, at 6:34 AM, Herve Roggero wrote:

> I’m only asking as I am seeing an interesting response from CXO  
> individuals looking at MS Vista as a solution to their laptop/legal  
> issues. If there is no official technical workaround to this  
> encryption and it takes thousands or millions of years to crack,  
> then it may fall under the “reasonable” steps to protect  
> information and become a powerful tool for businesses looking to  
> comply.

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 148 million compromised records in 573 incidents over 7 years.