Full Drive Encryption on Laptops – Time for all of us to “nut up or shut up!”
Given all of the recently disclosed privacy/identity breaches which have been demonstrated as a result of stolen laptops inappropriately containing confidential data, we’ve had an exponential increase in posts in the security blogosphere in regards to this matter.
This is to be expected. This is what we do. It’s the desperate housewives complex.
These posts come from the many security experts, analysts, pundits and IT Professionals bemoaning the obvious poor application of policies, procedures, technology and standards that would "prevent" this sort of thing from happening and calling for the heads of those responsible…of the very people who not only perpertrated the crime, but also those responsible for making the crime possible; the monkey who put the data on the laptop in the first place.
So, since most of us who are "security experts" or IT professionals almost always utilize laptops in our lines of work, I ask you to honestly respond in comments below to the following question:
What whole-disk encryption solution utilizing two-factor authentication do you use to prevent an exposure of data should your laptop fall into the wrong hands? You *do* use a whole-disk encryption solution utilizing two-factor authentication to secure the data on your laptop…don’t you?
Be honest. If you don’t use a solution like this then please don’t post another thing on this topic condemning anyone else. Ever.
Sure, you may say that you don’t keep confidential information on your laptop and that’s great. However, if you’ve got email and you’re involved in a company as a security/IT person (or management or even as a general user,) that argument’s already in the bullshit hopper.
If you say that you use encryption for specifically identified "confidential" files and information but still use a web-browser or any Office product on a Windows platform, for example, please reference the aforementioned bovine excrement container. It’s filling up fast, eh?
See where this is going? If we, the keepers of the gate, don’t implement this sort of solution and we still gabble on about how crappy these errant users are, how irresponsible their bosses, how aware we should make and liable we should hold their Board of Directors, the government, etc…
I’ll ask you the same question about that USB thumb drive you have hanging on your keychain, too.
Don’t be a hyprocrite…encrypt yo shizzle.