Over the past few weeks, the news has been full of high-profile incidents involving stolen corporate or government laptops. These thefts have placed millions of people at risk for identity theft. It's not just a big enterprise issue, and small businesses are just as likely to lose valuable customer data.
What lesson should small business owners learn from these data losses? Do everything within your power and budget to secure the data on your company notebooks. A clearly communicated security policy, password protection, encryption, biometrics these are just some of the methods that can help you better secure business data. Consulting with a local VAR can help a small business determine a plan of action that makes sense for its specific needs and budget.
As you'll note in the story below, the data on the stolen notebook was both password protected and encrypted a fact that makes it much harder for criminals to use any of that data.
Hotel booking site Hotels.com has begun sending out letters to some 243,000 customers whose names and credit card numbers were on a laptop stolen from an employee of Ernst & Young, the accounting firm. The computer was stolen from the locked trunk of the Ernst & Young employee's car in a Texas parking lot in late February, Hotels.com said. After reconstructing what data was on the machine, Ernst & Young, auditor for the online hotel specialist, told Hotels.com on May 3 that the computer contained a file of Hotels.com data.
"Once we were notified, we began working as quickly as possible to determine which customers were impacted and to notify them," a Hotels.com spokesperson said.
The company began sending letters to affected customers, which included those who booked hotels from 2002 to 2004, on May 26. Hotels.com said it and Ernst & Young are providing a year's worth of free credit monitoring services for customers who had their credit card information on the laptop.
Ernst & Young spokesman Kenneth Kerrigan confirmed the theft but refused to provide any additional details. "We don't want to impede on the investigation and hopefully can track this down as remote as that may be," he said.
Kerrigan also issued a company statement about the theft. "The security and confidentiality of our client information is of critical importance to Ernst & Young and we regret any inconvenience or concern this incident may have caused Hotels.com and its customers," the statement said. "The crime appears to be a random theft, and we have no indication that the thief was specifically targeting the laptop or any information contained on it."
The computer was also password-protected and the theft was immediately reported to law enforcement officials. The company also said it has no proof the information has been accessed or misused in any way. Kerrigan added that Ernst & Young has encrypted the laptops of its 30,000 employees around the world as a precaution against any additional thefts.
Ernst & Young laptops are apparently a popular item to steal. An Ernst & Young employee's laptop containing data about Goldman Sachs employees was stolen from a car in New Jersey earlier this year. Also, an Ernst & Young laptop containing information of employees from a number of companies was stolen from a conference room in an office building in Florida.
The incidents are the latest in a growing list of businesses and government agencies to be exposed to data theft threats from stolen computers or network breaches. Personal information on 26.5 million veterans was compromised when someone pilfered a laptop containing the data from the home of a Department of Veterans Affairs' (VA) employee.
The Privacy Rights Clearinghouse said that since February 2005, almost 82 million people have had their personal information potentially exposed by unauthorized access to the computer systems of companies and institutions.
Adapted from Internetnews.com.
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|