Computerworld - In the past six months a disturbing trend has emerged involving the theft of laptops containing sensitive personal information -- most recently from the home of a U.S. Department of Veterans Affairs data analyst.
These inevitably involve the loss of names, addresses, Social Security numbers and often credit card or investment account numbers of thousands of people. The VA case involved all veterans who retired from active duty in the last 40 years.
At the March FOSE '06 conference on computing in government, Cisco Systems CEO John Chambers told an increasingly familiar story about getting a letter from his financial advisers warning that his personal information may have been stolen along with someone's laptop. "What do I do now?" he quipped, "Change my name?"
These losses are embarrassing and costly, and they may be only the tip of an oncoming iceberg, as corporations increasingly equip their outside sales and support people and traveling executives with mobile "gadgets" -- smart phones and other handhelds -- that not only access corporate e-mail but carry copies of databases on corporate clients, R&D, financials and strategy.
These devices are very vulnerable to both accidental loss and theft, said Jack Gold, founder and president of J.Gold Associates in Northboro, Mass., and a former analyst at Meta Group. "My expectation is that we will see at least one major theft of a smart phone or PDA exposing sensitive corporate data within the next two years."
Gold estimated that these losses cost a minimum of $35 per customer whose personal data is lost, just in notification costs. "Then you add on the cost of the personal credit watchdog services that companies often provide users who are victimized, plus the potential loss of business from the negative publicity, and the total loss to the company grows rapidly," he said.
And the loss of some key business information can also be a violation of the new business regulations, such as the Sarbanes-Oxley Act and the Health Insurance Portability and Accountability Act (HIPAA). "These carry penalties ranging from substantial fines to jail time for executives," Gold warned.
So far, none of these incidents have involved handheld mobile devices, but the potential is growing. Two major developments in what has been a niche market for handhelds and high-end smart phones are making Gold's prediction likely:
- In particular, smart phones are becoming increasingly popular with knowledge workers and their employers. Increasing numbers of companies, particularly in the Global 2000, are either providing devices to mobile workers and executives for use both inside and outside the office or are supporting connectivity to devices the individuals buy for their own uses.
- While the first focus of mobile computing use is e-mail access, increasing numbers of organizations are taking the next step, extending access to data in core corporate applications such as ERP, CRM and financial systems.
- The Apple-ization of the Enterprise: Understanding IT's New World Read this paper for how to tackle Apple-ization (and the related consumerization of IT and Bring Your Own Device/BYOD).
- A Practical Introduction to Enterprise Mobility Management Read the white paper to better understand the basic concepts within mobility management and to learn how you can apply EMM technology to...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise Endpoint Backup Checklist Read this checklist to learn how to create a back up strategy to quickly and easily protect your endpoint data.
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the... All Mobile/Wireless White Papers | Webcasts