Following the news about the secret service laptop theft, Rick Bueno, Co-Founder and CSO at Trivalent commented below.
Rick Bueno, Co-Founder & CSO at Trivalent:
“With the recent theft of a Secret Service agent’s laptop, which may have contained highly-sensitive data including floorplans for Trump Tower and information about the investigation into Hillary Clinton’s private email server, the importance of data protection on mobile devices and “smart” technology has been brought into national focus.
For any industry using devices in the field to process sensitive, proprietary intellectual property (IP) or critical information such as personal identifiable information (PII), schematics, trade secrets, etc., traditional approaches to security are no longer sufficient. In the event that a device is lost, stolen or breached, the need to protect valuable data on the device at all times is critical.
State sponsored and free-agent hackers’ techniques have become quite sophisticated with regard to breaking conventional encryption methods. For this reason, most agencies are constantly updating and strengthening their encryption algorithms. This approach is untenable as it results in a constant “cat and mouse” scenario that eventually leads to the compromise of the encryption.
In the case of the Secret Service agent’s stolen laptop, the information may be accessible to the thief if it was not properly secured by an advanced form of data protection solution that enables security to stay with the data at rest and at runtime, potentially creating a national security issue. However, with a next generation solution that allows only authorized users to access secured data on the device regardless of network connectivity, the device’s data will remain useless, even if the laptop’s hard drive is removed and hacking attempts are made. As industries continue to digitize, and “smart” devices with classified, proprietary or sensitive information become more commonplace, this type of security is critical—particularly in the government and defense sectors.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.