More and more details are emerging concerning lax security of data and I am becoming increasingly concerned at the absence of even basic precautions to prevent unauthorised disclosure of data.
There have been laptops stolen, lost or simply forgotten at airports which contain sensitive information. Not long ago a Cabinet Minister had a desktop computer stolen, which had data not normally allowed outside Whitehall. The Minister concerned told the Press that it was safe as it was protected by a password. There was incredulity among those present as passwords are so easily overcome. One wag even enquired if the password was 'PASSWORD'.
Desktops and laptops often store system passwords in CMOS which is a volatile store chip within the computer and is kept alive by a small coin type battery on the motherboard. This same chip holds the date and other start-up data. If you remove the battery and leave it for a few minutes, this data is lost and the password is removed. The other type of start-up password is held in an encrypted form on hard disk.
It is relatively easy to boot the computer from a CD or alternative operating system, access the password files and delete them. Rebooting the computer in the normal way shows that the password has been removed.
I am no computer expert, but this easy routine is readily available on the internet and it beggars belief that anyone, let alone, those in Government think that their data is secure when 'protected' in this flimsy way.
In my job I travel widely and I have a laptop which is protected by a password but the data I carry is on a separate removable drive which is encrypted at file level so that even if the drive was stolen and put into another laptop the data could not be accessed.
I use Folder Lock to secure my data. There are many other programmes available but I like this one.
Folder Lock is a fast file-security program that can password-protect, lock, hide and encrypt any number of files, folders, drives, pictures and documents in seconds. Protected files are hidden, undeletable, inaccessible and highly secure. It hides files from anyone other than the authorised user, safeguards them from viruses, trojans, worms and spy ware, and even protects them from networked PCs, cable users and hackers. Files can also be protected on USB Flash Drives, Memory Sticks, CD-RW, floppies and notebooks. Protection works even if files are taken from one PC to another on a removable disk, without the need to install any software. It locks files in Windows, DOS and even Safe Modes.
I know that my sensitive files are protected and that my Clients data is protected.
Chris Eden FIBC, MISSA, ACQI is a director of Quality Matters Limited an established independent management consultancy based in Essex, UK which specialises in ISO27001 Information Security Management consultancy.