Things even encryption can’t save you from
In a recent paper sponsored by Intel and Samsung, the author describes the importance of using encryption in your business and especially with your mobile staff. The focus of the paper was to support the push to full disk encryption (I assume as opposed to file based) and how it should be used throughout any mobile workforce. Full disk encryption (also known as whole disk encryption) is explained in the article as:
“Whole disk encryption encrypts the entire disk including swap files, system files, and hibernation files. If an encrypted disk is lost, stolen, or placed into another computer, the encrypted state of the drive remains unchanged, and only an authorized user can access its contents.”
The part of the paper I found most interesting though was the last section entitled “Potential Pitfalls” where the author outlined the main weak point of strong encryption: the user. The pitfalls mentioned were all based on the users action, from weak passphrases (the modern replacement term for “password”) to viruses/malware to even walking away from a laptop while logged in. You might quickly dismiss the last item, but earlier this week I attended a local Microsoft conference where an attendee asked a solution for that exact situation: how to handle a doctor walking away from his/her laptop while in a coffee shop and not locking his desktop (it’s as easy as windows key + l).
If you’re one of the many offices that still have yet to roll out encryption on your desktops, or worse yet not even on your laptops, now is the time to start planning your implementation. And even if you have your practice’s computers encrypted (kudos!), as you can see above your work is not done yet. Staff education in basic computer security is an ongoing necessity. For help on figuring out how best to tackle any or all of the above issues feel free to contact us to get the conversation started.
Keep calm and encrypt.