The big security news of the day in the UK is the theft of a laptop containing private information for 500 employees from an environmental project known as the Eden Project.

The stolen laptop is believed to have personal information such as names, addresses, bank info, and phone numbers for 500 employees of the Eden Project. The laptop was stolen from the car of a contractor working for the Project since June 1, 2007.

An employee of Moorepay, the company that handles employee payroll for the Eden Project, left a laptop in his car – one of the highest risk places for laptop theft. The Eden Project’s IT security policies were apparently not stringent enough to prevent the theft.

Tim Smit, creator of the Eden Project, had this to say:

“We are appalled at the lapse of security and are making sure our personal data is never put in such a vulnerable position again.”

In the U.S. the Data Privacy and Security legislature that is currently before the Senate wants to make more rigid rules for contractors to avoid a similar breach on U.S. soil. The legislature would require that businesses investigate their contractors more closely. For example, are laptops protected with encryption, password protection and equipped with laptop recovery software? Do employees know the best practices of laptop security and data protection?

A successful security policy will apply not just to internal employees, but to all contractors who have access to confidential information. The first principle in creating effective laptop security is knowing who has access to the data. 57% of corporate crimes can be linked to stolen laptops – taking stock is no longer optional.

Via SC Magazine, PC World, ITPro Tags: , , , , , ,

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati