The FSA has just fined Nationwide £980,000 for information security lapses following the theft of a laptop from an employee's home last year. On top of that, it cost the Nationwide a considerable amount to inform customers of the risks they had been exposed to, because of the theft. Yet companies can easily and inexpensively protect themselves from this kind of data leakage with encryption software.
Ian Kilpatrick, chairman of security company Wick Hill, said: "It really is very easy and economical for companies to protect data on their laptops using encryption software from vendors such as Utimaco. This can cost as little as GBP 75 per device protected and will make it impossible for anyone stealing a laptop to decipher what is on it."
Businesses are responsible for safeguarding personal information held on their systems under data protection laws and many other regulator requirements. In addition to this concern, there may be company sensitive information which you wouldn't want competitors or even anyone outside the company to see. Financial loss is only part of the headache for a company losing data. Loss of reputation can also be significant.
Kilpatrick commented: "With the ever-increasing use of laptops out of the office, their vulnerability to theft, and the availability now of low-cost security solutions, it is time for companies to take the leap to securing laptops. By doing so, they not only protect key data from potential exposure, but also meet their regulatory obligations."
How big a problem ?
Nationwide is not alone. In the UK, the bulk of incidents go unreported, but in the US, where regulatory requirements require disclosure, it is possible to get a better view of the problem in all its gory detail. Forbes describes the number of incidents as 'astounding' in their laptops hall of shame analysis (see link below). So while reticence and fear of damage to reputation keeps the issue generally out of the UK press, it is certain that there are major data loss problems in this country.