Thursday, February 15, 2007

Is your laptop worth 1 million pounds?



Laptops are getting a lot cheaper to buy. Of course, if you buy a nice Sony Vaio, you could pay up to £2,000. At the other end of the scale, I have seen budget laptops from £299.00.

Portable computer security has long been a big concern to security solution advisors such as myself. The hardware is normally the cheapest thing to replace.

Many people back up their personal data on portable computers, but not everyone.

The loss of business-critical data could be disastrous without adequate backups. Perhaps more of an issue would be the value of your customer relationships, their contact details and their credit details in the hands of your direct competitors.

People involved with risk know how to calculate predicted annual loss from certain unforeseen events. This is normally done by calculating the likelihood of an event occurring (Annual Rate of Occurrence) and then multiplying this by the Single Loss Event (SLE) dollar amount.

After this has been calculated, you can establish how much money you can afford to spend to prevent these events from occurring.

To take this a step further, once controls are in place, their effectiveness can be measured and Return on Investment calculated.
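The calculation described above, worked through for a lost laptop as an added example (not part of the original post). It assumes return on investment is taken as (loss avoided minus control cost) divided by control cost; the hardware price and the penalty are the figures quoted in this post, while the recovery cost, the rate of occurrence and both controls' effects are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Control:
    name: str
    annual_cost: float       # yearly cost of the control, GBP
    aro_factor: float = 1.0  # multiplier on how often the event occurs
    sle_factor: float = 1.0  # multiplier on the loss from one event

def single_loss(components):
    """Loss from one event: every cost a single lost laptop triggers."""
    return sum(components.values())

def annual_loss(aro, sle):
    """Predicted annual loss = annual rate of occurrence x single-event loss."""
    return aro * sle

def assess(aro, sle, controls):
    """Return the baseline annual loss and one row per control, best ROI first."""
    baseline = annual_loss(aro, sle)
    rows = []
    for c in controls:
        residual = annual_loss(aro * c.aro_factor, sle * c.sle_factor)
        saved = baseline - residual  # most you can justify spending per year
        rows.append({
            "control": c.name,
            "residual_loss": residual,
            "max_justified_spend": saved,
            "roi": (saved - c.annual_cost) / c.annual_cost,
        })
    return baseline, sorted(rows, key=lambda r: r["roi"], reverse=True)

# Hardware price and penalty are the figures quoted in the post;
# everything else below is constructed for illustration.
COMPONENTS = {"hardware": 2_000, "data_recovery": 5_000, "regulatory_penalty": 1_000_000}
ARO = 0.125  # constructed: one such loss every eight years
CONTROLS = [
    Control("full-disk encryption", annual_cost=5_000, sle_factor=0.05),
    Control("cable locks", annual_cost=500, aro_factor=0.8),
]

if __name__ == "__main__":
    baseline, rows = assess(ARO, single_loss(COMPONENTS), CONTROLS)
    print(f"baseline annual loss: £{baseline:,.0f}")
    for r in rows:
        print(f"{r['control']:<22} residual £{r['residual_loss']:>9,.0f}  "
              f"justified spend £{r['max_justified_spend']:>9,.0f}  ROI {r['roi']:.1f}x")
```

With these constructed inputs the cheaper control ranks first on ROI while leaving most of the predicted loss in place, so ROI should be read alongside the residual loss rather than on its own.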

One of the key costs that risk analysts consider is the cost of financial sanctions or penalties.
Nationwide Anglia discovered this the hard way this week after being fined a record 1 million pounds. A member of Nationwide Anglia staff had a laptop stolen, but didn’t report it promptly.
After the fact was discovered, the FSA found NA to be negligent in disclosing exactly what the value of the data was on this computer.

Most interesting of all, Nationwide Anglia was criticised for not having a clear and understandable policy for the protection of critical, highly confidential data.

In summary, the value of a clear, understandable and enforceable security policy cannot be overemphasised.
Data is our most valuable resource and we should protect our customers from potential harm by appropriate controls on their information.
When considering the cost of security and technology, we must remember the ‘hidden’ costs. £1,000,000 seems a lot for a single laptop, but this just goes to prove how seriously the FSA and other regulatory bodies take negligence when it comes to protection of customers’ data.

Back to Vista tomorrow!
