Lost laptop hall of shame
Filed in archive risk by leon on September 09, 2006

Now Robert Ellis Smith, publisher of the Privacy Journal has a piece in Forbes identifying the companies that have gone and lost laptops containing sensitive information.
Names include ING, Ahold USA, Deloitte, Electronic Data Systems, Equifax, Mercantile Potomac Bank, aetna
, Hewlett-Packard, Fidelity Investments, Hotels.com and Ernst & Young.This is not only dumb, it's also legally irresponsible. Sarbanes-Oxley requires CEOs and CFOs to attest to their companies having proper internal controls. Now, try vouching for the robustness of internal controls when the systems maintaining financial data aren't demonstrably secure.
Smith advocates some sort of legislation legislation requiring the confinement of databases with individuals' account numbers, medical data and financial information, and ensuring they are at the very least encrypted or password protected.
But the bigger problem is that most companies don't even know what's on the missing laptops. They're not even at first base!
Permalink: Lost laptop hall of shame
Tags:
lost laptops Robert Ellis Smith Privacy Journal laptop lost+laptop hall+shame
Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/35836














