This is a good article on the risks of not encrypting information on laptops, backup tapes, and other media, and the implications of having that data stolen. It would have been nice to have some solutions to these issues too, but perhaps that's for another article. Anyone have a favorite encryption strategy? GnuPG just released a new version. Does everyone have their key?For many companies, the data is the crown jewels. Millions of bytes are circulated every day on networks that, but for a little bit of probing, are as frail as a strand of hair and less well protected. We spend millions of dollars securing and reducing the risk of penetration from the outside, yet very few companies take the basic steps to secure their data internally. There are simple things that we can all do - such as IPSec on the wire, encryption in the backend and proper security on the desktops. We must think about more than a simple username and password scheme when it comes to securing our data from the bad guys, because, quite often, the bad guys are none other than that cute redhead who just asked you to reset her password. And it wasn
If I were to take a survey, and maybe we will see if we can get the Linux Journal to whip one up for us, how many of you encrypt the data on your laptops as a general practice? If you are in the US Federal Government, all of you should have your hands up, regardless of operating system. The issue of wandering laptops came to a head in 2006 when one was stolen from an employee of the Department of Veterans Affairs. Not to belittle the issue, but other than bad luck, the employee had not really done anything wrong, according to my sources at the Department. He was in a position where he was entitled to access and use the data.

The link for this article located at Linux Journal is no longer available.