Subscribe
Bio
Russell Mickler, Principal Consultant, has over 14 years of professional experience leading and managing IT organizations.
Contact Information
- Mickler & Associates
- Vancouver, WA
- Voice: 360.216.1784
- Fax: 360.397.0468
GAP Breach Exposes PPI of 800,000
Written on October 6, 2007
Leave a Comment
|
A third-party to the retail giant GAP, Inc. lost a laptop containing the personal private information (PPI) of over 800,000 job applicants. The laptop was stollen and the data found on the drive was not encrypted. Said CEO Glenn Murphy:
“Gap Inc. deeply regrets this incident occurred. We take our obligation to protect the data security of personal information very seriously.”
So seriously, in fact, as this vendor to a Fortune 500 failed to recognize HRIS information as some of the most sensitive classes of data there is, and take preventative steps to safeguard the data. If you want to take your data just a little more seriously than GAP, Inc., I always suggest TrueCrypt: http://www.truecrypt.org/.
TrueCrypt is a free, open source piece of software that can safeguard your data on jump drives (USB sticks) as well as entire hard disk partitions. If you’re using Windows, you download it – it’s free – you walk through a wizard, setup an encryption key, and you’re ready to roll.
Uncomfortable with open source? If your laptop is running Windows Vista and is new (purchased in 2007), enable Vista’s BitLocker features; just look up BitLocker from Vista’s Help and Support. BitLocker is a native encryption solution between the hard disk controller and the operating system – thus, BitLocker is found at a lower-level than file system encryption through NTFS, and, can prevent the whole drive from being mounted.
Finally, are you a tech-head or an amateur looking to use encryption with files, email, data streams, and images? PGP (Pretty Good Privacy) is the name you need to know. Easy to use shareware and commercial products from PGP provided scaled solutions for the single user all the way through enterprise platforms.
Listen – laptops and sticks being stollen and placing plaintext data at risk is nothing new; this has been happening for decades. Don’t become a statistic: use a little bit of common sense and some free tools to protect you and your business.
R