Network Endpoint Security News - Watch Your End

Following the loss of an unencrypted laptop computer, the UK’s Ministry of Defence has instigated a ban on removing laptops and storage devices containing unencrypted data from Whitehall offices.

The new rule was introduced by Cabinet Secretary, Sir Gus O’Donnell, on Monday night and is now being enforced through what is described by insiders as a “massive operation”. The official email from the Cabinet Secretary stated: “”From now on, no unencrypted laptops or drives containing personal data should be taken outside secured office premises.”

As well as communicating the policy to all staff, departments will have to ensure that officials can continue to do their jobs within the constraints of the ban. Which is, we suspect, where the plan will become unhinged.

Highly-sensitive personal information on almost 150 NHS patients in the Oldham area has been lost following the disappearance of two USB data sticks. The Oldham trust said it had identified all the individuals affected, and had followed up contacts in writing, offering its sincere apologies. It has also set up a dedicated freephone information line for people who have further questions.

Oldham NHS Primary Care Trust chief executive Gail Richards said: “We are deeply sorry. This should never have happened. We have launched a full and thorough investigation and are reviewing our current policies relating to data storage. In the meantime we have taken all the necessary steps to ensure that it cannot happen again.”

The incident highlights the insecurity that surrounds removable media and raises questions as to why the data stored on the two USB sticks does not appear to have been encrypted.

Centennial Software’s Matt Fisher commented: “In most cases there is no legitimate need to carry such sensitive information on what are inherently insecure media. But where there is a real need to transfer personal records in this way, the data should be encyrpted as a matter of course.”

Employees and private individuals are creating a massive security risk by mislaying their mobile devices at airports, claims a new study.

The major London airports reported the biggest haul of gadgets, where more than 400 laptops and 2,500 other mobile devices are lost annually. People using airports in the northwest of England are misplacing more than 100 laptops and 800 mobile gadgets a year.

Apparently, the Germans are more careful. Even so, nearly 800 laptops are left in German airports every year, and more than 2,500 mobile devices are lost over the same period.

More than you might think, according to new research which suggests that the average business laptop has £260,000 ($500,000) of data stored on it. The survey also found that the average value of personal data on a laptop totalled £160,000 and nearly 40 percent of travellers had been affected by some form of malware.

According to a series of reports issued this year by analyst firm, Gartner, there is a new civil war erupting between IT departments and end users. And the signs are that the IT departments are losing.

Thanks to technological ‘advances’ such as cheap portable memory, more and more end users are feeling inclined to disregard the way IT wants them to work and instead create their own rules for acceptable behavior and security practices. The result, in many cases, is not only a loss of control for the IT team, but a greater risk of security breaches both on and off the network.

According to Gartner, USB sticks were the top-ranked (of six) technologies that are creating a headache for IT departments. The challenge to the IT department is to find a way to both accept their presence on the network but also ensure they do not represent a unncessary security risk. As such, the analyst firm recommends that organizations investigate a combination of endpoint security software to manage which users can and cannot use such devices - as well as investing in ’secured’ devices which offer some level of protection if the device is lost or stolen.

More on Tech Republic