It scares me that, even if I do the duty to protect my personal information, some IT "professional" might be asleep at the switch and be the leak that sinks my ship. So, just when I thought I was going to go a whole day without feeling beat-down, I ran across this gem of a statistic:
Eighty-one percent of companies surveyed reported the loss of one or more laptops containing sensitive information during the past 12 months, according to the survey, which queried nearly 500 information security professionals.
First, I'd like to know which companies are included in this survey, just in case I need to pack up my business and take it elsewhere. Second, I'd like to autoslap any IT professional who would keep that kind of sensitive information on a LAPTOP, for crying out loud! That's about like leaving the keys to my car hanging out the driver side door lock in order to save a few seconds on the way to work in the morning.
I mean, I am sure these laptops aren't just lying on a half-abandoned desk somewhere (they aren't, are they?), but just how many need to be stolen with personal information about thousands before some IT Security person says, "OK, that's it, no more personal information is to be stored on a laptop." That's it. Enforce it; any violators will have to pay full price for the company's product or service! I know there is this big ballyhoo about how laptops can now seriously rival traditional desktop computers (personally, I still ain't buying it, but the market has to do what it has to do), but there's one good thing about a desktop; some sticky-fingered schlep can't surreptitiously ease one into a briefcase and walk out with a mountain of stolen identities. Remember, lighter, thinner, smaller might be great selling points, but these with featherweight machines these days, a fat guy can almost slide one, unnoticed, down the rear waistband of his pants!
It's not like we're talking about a multi-trillion dollar security initiative to prevent (or at least minimize) theft, but we are only talking about implementing a commom-sense policy, right? I mean, come on, consumer, we're being beat-down by companies who won't simply implement security measures that don't even cost anything, or at least very little. I had to practically call in 60 Minutes just to get my bank, my BANK, for heaven's sake, to allow me to use something other than my Social Security number as my online banking login. I even told them how potentially dangerous that could be. By the time they got done yawning and asking, "Is there anything else I can do for you today?", I was ready to say, "Yeah, who should I tell Morley Safer to ask for when he shows up to interview your IT Security team?"
What are we going to do here? Nothing? Are we going to let companies continue to play poker with our personal information, seeing it can take months or years to clean up after a good, old-fashioned identity theft? I say, NO! Give them one chance, call somebody up and ask, "Exactly what measures, policies and procedures are in place right now to protect my personal information from theft, and when can I expect you to grow up and realize that the criminal element is probably smarter (or at least more observant) that you?" OK, maybe you will want to leave that last part off, but still, you need to know, not just hope or assume, that your personal information is, and stays just that: YOURS.