Losing the laptop blame game

Losing the laptop blame game

Summary: Rather than trying to prevent laptop theft, companies should put systems in place to ensure such losses do not matter

TOPICS: Tech Industry

The downside of mobile devices is that sometimes they go mobile in ways the owner does not expect. Just ask MI6, the FBI or most recently building society Nationwide. Unfortunately for the financial services company, whilst its public-service counterparts in computer catastrophe received little more than a ticking off for losing hundreds of machines, Nationwide has just been hit with a £1m fine following a theft. Putting consumers' identities and nest-eggs at risk is deemed more serious than national secrets — at least in the eyes of the authorities.

Arguments about the proportionality of retribution aside — the Financial Services Authority made no bones about admitting that Nationwide was being made an example of — the real issue at stake is one of practicality. Loss of a valuable laptop, and the potentially valuable data held on it, usually results in a blame game. How can anyone be so stupid as to lose a laptop during a drinking binge at a tapas bar, for example? While not everyone has the temptation of an MI6 expense account, all of us are capable of similar lapses. The problem is not with the owner but with the system that does not allow for such incidents. Disaster planning is exactly that — anticipating the unexpected. Nationwide was at fault not because it allowed a machine to be stolen from the house of one of its employees, but because it was not prepared for such an eventuality.

Encryption is one obvious way to protect data, though protected data is of little use if it goes missing and has not been backed up. And no protection will be effective if it is inconvenient — given enough freedom, the user will always find their own way around inconvenient security. And of course the idea that sensitive information should not be on laptops is thick-headed thinking. If mobile workers cannot interact with all the data they need, when they need it, then their usefulness to the business suddenly becomes extremely limited.

The correct approach, rather than purely focusing on how to prevent laptops and other mobile devices from being stolen, is to put processes and technologies in place to make sure that it does not matter. Data on mobile devices has to be protected from the fallibility of the user as much as from the malice of the thief, and that means having the facilities to manage that data. Remote data locking and deletion, as is found now on some BlackBerry and Windows Mobile devices, is the type of protection that is required, in addition to good old encryption. As mobile data becomes increasingly ubiquitous, such solutions will become more commonplace.

Meanwhile, companies such as Nationwide should not be admonished for losing laptops, but rather for ignoring the reality that we live in a world where laptops are lost every day.

Topic: Tech Industry

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • It was STOLEN from an employee

    Laptops are not invariably 'lost', they are stolen from premises, cars, fancy bags and cases and the like. Just a few drunken young fools leave theirs under the table at the bar.

    The FSA lost dozens of laptops and mobile phones yet wasn't fined, why? Because there is nobody to guard the guards.

    Another issue is the urgent need for the money form these fines, the FSA has a conflict of interest in that money is needed to balance the books, fill the pension scheme black hole, buy more laptops to replace the ones stolen, pay for