Suppose a stolen laptop contains data on hundreds of thousands of pensioners…
Suppose you’re one of hundreds of thousands of pensioners from various companies and your data has gone missing, along with a company’s laptop, to thieves. You’d want to know about it, right? Well, you might be at the mercy of that company’s apparently lax internal policies for reporting the theft of mobile computing equipment.
In September, a laptop computer belonging to the UK offices of Deloitte went missing to thieves. On it were data records for approximately 100,000 pensionsers, reports SecurityPortal.com — or as many as 150,000, depending on where you read about it. And yet, SecurityPortal.com notes, the employee allegedly responsible for losing the machine waited until mid-October to inform the company of the incident.
That seems like a long time. Anyway, what are the implications of the theft?
A Deloitte spokesperson, quoted in ITPRO, has reassured those affected that information, protected by “a start up password, operating system user ID/password authentication, and encryption,” should remain safe and out of thieves’ hands.
And Deloitte is probably right about that. Even so, the lag of time separating the event from the employee’s reporting of it to superiors within the company is worrisome. Furthermore, the threat of lawsuits, or even the responsibility of having to inform all those affected, could cost any company in such a situation dearly.
It’s too bad, really, that more company laptops aren’t equipped with an inexpensive laptop tracking service. If they were, they’d enjoy a miniscule 0.4 percent rate of theft — much, much lower than the average: 12.5 percent.
Tags: Deloitte, laptop theft, laptop tracking, pensioner data, pensions
