Companies investing in laptop security, but neglecting office PCs

10 Sep 2008

There has been an almost panicked response to laptop theft and the loss of computer disks among Irish companies, according to Owen O’Connor of Security Careers and the Irish Systems Security Association.

Firms are pouring all their IT resources into shoring up their laptops by installing disk encryption at the expense of other initiatives, O’Connor says.

“It’s been all hands to the pump to get the laptops encrypted. Certainly many of the bigger companies with sensitive data floating around on laptops, including the Government departments, are in good shape on the laptop front.”

There are obviously still glitches in Government departments however, as an unencrypted laptop belonging to the Health Services Executive was today reported as having been stolen.

In their eagerness to address the security risk inherent in storing private information on laptops, companies may be neglecting to secure through encryption the PCs and servers sitting in their office space, says O’Connor.

“It is maybe a little bit short-sighted just doing it for laptops rather than doing it for PCs as well … Certainly a number of Irish organisations have had office thefts where PCs were stolen and people can be a bit more lax with what they store on a PC in their office versus a laptop which they carry around with them. The information on a desktop may actually be more sensitive,” he says.

Criminals can use basic information for a range of fraudulent activities. While much publicity has been given to identity theft in recent years, O’Connor says the real danger in Ireland lies in credentials theft, where the thief uses your details to, for instance, buy goods rather than set up a new account in your name.

ByGareth Naughton