Losing data safely
In October 2007 Iron Mountain told GE Money that a backup tape was missing. GE shared the information this month. The good news is that the tape is most likely misfiled somewhere in Iron Mountain’s facility. The better news is that the tape is in a format that makes it quite unlikely that it could be read. Thus, while in theory 650,000 people have information that could be compromised, including 150,000 Social Security numbers, in reality it is not really much of an issue. Nonetheless, GE Money has offered credit tracking for a year to those whose Social Security numbers were on the tape.
Now, the lesson to be learned here is not that information can be lost – anyone who did not fall off the turnip truck yesterday knows that. Rather, the lesson is that you need to work on the assumption that your information will be lost. This means you need to switch from if/then thinking to when/then thinking. Which means that your information must be stored in as secure a format as possible, to reduce the effect of it being lost.
While we, sadly, have only a relatively small amount of sensitive information, it is all stored on encrypted drives, as are some of our applications. Our backups are encrypted, too. The data we sometimes carry with us on flash drives is encrypted as well. So even if someone were to bypass our alarms, break into our offices, and steal our computers, they would still face AES encrypted data.
Is it inconvenient to access encrypted data? Not really. Private Disk from RIT Labs, requires you to use a password or passphrase to convert the encrypted file to a visible virtual disk. You just have to remember to disconnect the virtual disk when you get up from the computer. Even if you use a long (our hover around thirty characters) passphrase, this is not onerous.
While we use Private Disk on our PCs, there are a variety of excellent products available for all platforms and environments. If your data is not yet encrypted, now would be a good time to start transitioning. This will save you substantial grief and liability in the future. Perhaps even the near future.
Rarely are they challenged by competition: If they are challenged, they go to the government to legislate against the competition, either by over- regulation or through requiring new expensive procedures that large companies can afford and small companies cannot. They buy their way out of having to compete by fixing the race.
They have no need to be good citizens because we, the people and our government, have become their vassals. Further, since many multinationals have vastly larger resources than many countries, they can change flags of state when they choose. And since the management of these companies is responsible to no one but themselves – not government, not shareholders, not the public, not anyone – they are unconstrained in their actions. The author strikes a strong warning note regarding the outcome of this lack of corporate governance and responsibility.