If your car is stolen because you left the keys in the ignition, your insurer would not cover you for the theft because you hadn’t taken reasonable precautions.

Unfortunately, the UK Ministry of Defence has just had a laptop containing defense secrets stolen from its London headquarters, together with the equivalent of the ignition key. The encryption key was taken along with the computer, apparently giving the thief access to the laptop’s files.

This highlights a vital issue in IT security practice, but one that is often overlooked: never, ever leave an encryption key, security token or any indication of a password near the computer it protects. Even if that computer is inside a highly secure building like the Ministry of Defence HQ, there’s still a risk that a curious, or disgruntled, colleague could access the PC and data.

Your safest bet is to probably keep your most valuable data on a secure usb drive - just don’t keep the password laying around.

A recent survey of London taxi drivers shows that December is the worst time of year for losing mobile phones, laptops and memory sticks.

Apparently some 10,000 mobiles are left behind in taxis every month, and over 1,000 laptops, flash drives and other removable devices too. It’s believed that most of these losses happen because they slip out of peoples’ pockets, or are simply forgotten as passengers rush to their next meeting or destination.

The good news is that London cabbies are more honest than their counterparts in New York:
80% of taxi drivers in London claimed that they had reunited owners with their devices once they were found, compared to just 66% in New York.

Even so, it’s all the more reason to secure any data on these portable devices with encryption – just in case you’re one of the 20% whose device isn’t found.

Following a question by a member of the UK parliament, UK Government departments have revealed the numbers of laptops lost or stolen recently.

The figures are quite startling, with well over 100 laptops lost or stolen in the past year alone.  One organisation – the Department for Work and Pensions – alone lost 41 laptops last year, from its fleet of around 9,700 machines. 

Although Government departments claim that all laptops are now required to be encrypted, that’s still an awful lot of data lost.  There is also the real risk that the data may not be protected

And don’t forget, these figures are just for laptops.  You have to wonder how many other devices – such as USB memory sticks – were lost in the same period, what data was on them, and whether that data was encrypted. 

Although some UK Public Sector organisations – such as the National Health Service – are leading the way in deploying secure USB flash drives to protect data on the move, not all Government organisations are at the same level.  Unfortunately there will be many more data breaches to come in the next year.