Mikhael Felker is an IT pro who has worked in Defense, Healthcare, High-Tech and Non-Profits. He teaches, writes, and speaks at numerous Southern California venues about technology. See here to check out all his Tom's IT Pro articles.
Theft and loss make the business case for encrypting the data on company notebook computers clear. Now what? It's time for deployment and to gain and enforce buy-in from employees.
Organizations have to commonly deal with lost or stolen laptops, especially with remote workers and business travelers weaving through airports, coffee shops, hotel rooms, rental cars, etc. So, rather than spending high variable costs on possible regulatory breach notification letters with call centers, hiring consultants for investigations, or adding liability after a breach incident, it makes sense to pay a fixed cost and impose a technical control (encryption) to reduce liability for good.
With a continuous stream of high-profile laptop thefts—remember the 25 million social security numbers from the 2006 Veteran Affairs incident—management is now getting serious about safeguarding your company’s data (e.g. sales and merger information, trade secrets, credit card data, social security numbers, medical information, etc.).
You’ve made the case for encryption. Management is sold on it. Now what?